PCI Compliance - BEAST Attack - Updated Information?

CCSupport

Member
Dec 14, 2014
17
0
1
cPanel Access Level
Root Administrator
Hello all,

We recently had cPanel support change some settings due to browser issues and unfortunately we are now failing our PCI Compliance :(

The issue was that we had TLS 1.0 disabled to mitigate PCI scan risks, so enabling it corrected the issue for browser compatibility, but now we are open to the BEAST attack exploit.

I have read a huge amount on a number of forums, including this one, and in all honesty it's either outdated or contradictory.

Does anyone have some information to mitigate this exploit within WHM/cPanel?

Our setup is:

WHM 11.46
CentOS 6.6

All updated.

ANY help would be greatly appreciated!

- - - Updated - - -

Forgot to add - Apache 2.4
 

CCSupport

Thanks for the reply.

Yes, found that thread. However, as mentioned in my post, most I found were outdated. The link referenced in the above forum post dates back to 2012. Since then there have been a number of PCI changes and also the update of Apache etc., along with a change to recommended ciphers. The link just confuses things.
 

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,909
2,227
463
> I have read a huge amount on a number of forums, including this one, and in all honesty it's either outdated or contradictory.

Could you let us know what you currently have configured for your Apache "SSL Cipher Suite"?

Thank you.