Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

SOLVED TLS 1.0 disabled on Nginx

Discussion in 'Security' started by webtipster, Jun 12, 2018.

Tags:
  1. webtipster

    webtipster Active Member

    Joined:
    Aug 27, 2016
    Messages:
    35
    Likes Received:
    5
    Trophy Points:
    8
    Location:
    Atlanta, GA
    cPanel Access Level:
    Website Owner
    Hi guys,

    Can't figure this one out... When running ssllabs.com SSL test I see that on one of the servers TLS 1.0 and TLS 1.1 are still enabled. When I compare the settings with another server I basically have the same, but on the 2nd server they are disabled.

    I just can't figure it out, perhaps I've been staring at it too long.
    Any ideas what am I missing here?


    Apache configuration

    SSL cipher suite:
    default
    SSL/TLS protocols: default (TLSv1.2).


    cPanel Web Disk Configuration

    TLS/SSL Cipher Suite:

    ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:!DSS
    TLS/SSL Protocols: SSLv23:!SSLv2:!SSLv3


    cPanel Web Services:

    TLS/SSL Cipher List:

    ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256
    TLS/SSL Protocols: SSLv23:!SSLv2:!SSLv3


    Thanks in advance!
     
  2. webtipster

    webtipster Active Member

    Joined:
    Aug 27, 2016
    Messages:
    35
    Likes Received:
    5
    Trophy Points:
    8
    Location:
    Atlanta, GA
    cPanel Access Level:
    Website Owner
    DUH!!! LOL!

    Ok I forgot that I had nginx running on this one. Yea, starred at it too long lol. Made an edit on the common_https.conf and added the following changes:

    ssl_protocols TLSv1.2;
    ssl_ciphers 'ECDHE-RSA-AES256-GCM-SHA512:DHE-RSA-AES256-GCM-SHA512:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384'

    In case anyone else runs into these types of issues. :)

    Thanks!
     
    cPanelMichael likes this.
  3. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    43,672
    Likes Received:
    1,788
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello @webtipster,

    I'm glad to see you were able to solve the issue. Thank you for sharing the outcome.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice