The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

port 2096 disable SSLv2

Discussion in 'Workarounds and Optimization' started by izghitu, Jan 28, 2012.

  1. izghitu

    izghitu Well-Known Member

    Joined:
    Aug 9, 2006
    Messages:
    45
    Likes Received:
    0
    Trophy Points:
    6
    Hi,

    I am failing the PCI compliance scan at Security Metrics because of port 2096:
    Code:
    Description: SSL server accepts SSLv2 protocol Severity: Potential Problem Impact: A remote attacker with the ability to sniff network traffic could decrypt an encrypted session. Resolution For Apache mod_ssl web servers, use the [http://httpd.apache.org/docs/2.0/mod/mo d_ssl.html#sslciphersuite] SSLCipherSuite
    .......
    The cpsrvd service is listening on that port, can anyone please tell me how do I disable SSLv2 for that service?

    THanks in advance.
     
  2. faisikhan

    faisikhan Well-Known Member

    Joined:
    Dec 12, 2011
    Messages:
    88
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    Islamabad, Pakistan
    cPanel Access Level:
    Root Administrator
    Hi izghitu,

    Did you see that link?
    /http://blog.serverbuddies.com/tag/disable-sslv2-on-cpanel-and-apache-ports/ I hope it will help you to disable SSLv2.
     
  3. Eric

    Eric Administrator
    Staff Member

    Joined:
    Nov 25, 2007
    Messages:
    745
    Likes Received:
    11
    Trophy Points:
    18
    Location:
    Texas
    cPanel Access Level:
    Root Administrator
    Howdy,

    Nice workaround.

    Thanks!
     
  4. NixTree

    NixTree Well-Known Member

    Joined:
    Aug 19, 2010
    Messages:
    386
    Likes Received:
    1
    Trophy Points:
    18
    Location:
    Gods Own Country
    cPanel Access Level:
    Root Administrator
    Hello,

    One issue I ntoiced while switching to stunnel is, cpanel access log will show the IP 127.0.0.1 for any cPanel / WHM access. So we can't trace the exact source IP, if we want to do it any time!

    Thank you,
    Nibin.
     
  5. cPanelKenneth

    cPanelKenneth cPanel Development
    Staff Member

    Joined:
    Apr 7, 2006
    Messages:
    4,458
    Likes Received:
    22
    Trophy Points:
    38
    cPanel Access Level:
    Root Administrator
    To the original poster, you can modify the ciphers used by cpsrvd using the cPanel Web Services Configuration interface in WHM.
     
Loading...

Share This Page