PCI compliance and BEAST

izghitu · Nov 26, 2012

Hi,

I am trying to pass PCI compliance test on my cpanel/WHM server.

I was able to fix everything for apache but it is still failing for cpanel ports and courier-imap ports. I am using stunnel for cpanel/whm

Can someone please tell me how do I fix those?

For courier-imap I am already using this:
TLS_CIPHER_LIST="ECDHE-RSA-AES128-SHA256:AES128-GCM-SHA256:RC4:HIGH:!MD5:!aNULL:!EDH"

and for stunnel:
options = NO_SSLv2
ciphers = ECDHE-RSA-AES128-SHA256:AES128-GCM-SHA256:RC4:HIGH:!MD5:!aNULL:!EDH

but it did not help

Please advise

Infopro · Nov 27, 2012

See if this thread is helpful:
http://forums.cpanel.net/f185/ssl-beast-workaround-whm-cpanel-306051.html

izghitu · Nov 27, 2012

Infopro said: ↑

See if this thread is helpful:
http://forums.cpanel.net/f185/ssl-beast-workaround-whm-cpanel-306051.html
Click to expand...

that thread does not contain anything that would help fix the cPanel/WHM and courier-imap ports

Please help

izghitu · Nov 27, 2012

ok, it has been fixed using

Code:

RC4-SHA:RC4:HIGH:!MD5:!aNULL:!EDH:!ADH:!AESGCM:!AES:!DES-CBC3-SHA:!CAMELLIA256-SHA:!CAMELLIA128-SHA:!AES256-SHA

Thanks

Forums

The Community Forums

Interact with an entire community of cPanel & WHM users!

PCI compliance and BEAST

izghitu Well-Known Member

Infopro cPanel Sr. Product Evangelist
Staff Member

izghitu Well-Known Member

izghitu Well-Known Member

PCI Compliance for Passive FTP Ports

Security Metrics refuse cPanel PCI Compliance

PCI Compliance - TLS 1.0 Protocol Detection

Share This Page

Useful Searches

The Community Forums

Interact with an entire community of cPanel & WHM users!

PCI compliance and BEAST

izghitu Well-Known Member

Infopro cPanel Sr. Product Evangelist Staff Member

izghitu Well-Known Member

izghitu Well-Known Member

PCI Compliance for Passive FTP Ports

Security Metrics refuse cPanel PCI Compliance

PCI Compliance - TLS 1.0 Protocol Detection

Share This Page

Infopro cPanel Sr. Product Evangelist
Staff Member