The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

PCI compliance and BEAST

Discussion in 'Security' started by izghitu, Nov 26, 2012.

  1. izghitu

    izghitu Well-Known Member

    Joined:
    Aug 9, 2006
    Messages:
    45
    Likes Received:
    0
    Trophy Points:
    6
    Hi,

    I am trying to pass PCI compliance test on my cpanel/WHM server.

    I was able to fix everything for apache but it is still failing for cpanel ports and courier-imap ports. I am using stunnel for cpanel/whm

    Can someone please tell me how do I fix those?

    For courier-imap I am already using this:
    TLS_CIPHER_LIST="ECDHE-RSA-AES128-SHA256:AES128-GCM-SHA256:RC4:HIGH:!MD5:!aNULL:!EDH"

    and for stunnel:
    options = NO_SSLv2
    ciphers = ECDHE-RSA-AES128-SHA256:AES128-GCM-SHA256:RC4:HIGH:!MD5:!aNULL:!EDH

    but it did not help

    Please advise
     
  2. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    14,453
    Likes Received:
    195
    Trophy Points:
    63
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
  3. izghitu

    izghitu Well-Known Member

    Joined:
    Aug 9, 2006
    Messages:
    45
    Likes Received:
    0
    Trophy Points:
    6
  4. izghitu

    izghitu Well-Known Member

    Joined:
    Aug 9, 2006
    Messages:
    45
    Likes Received:
    0
    Trophy Points:
    6
    ok, it has been fixed using
    Code:
    RC4-SHA:RC4:HIGH:!MD5:!aNULL:!EDH:!ADH:!AESGCM:!AES:!DES-CBC3-SHA:!CAMELLIA256-SHA:!CAMELLIA128-SHA:!AES256-SHA
    
    Thanks
     
Loading...

Share This Page