Results 1 to 3 of 3
  1. #1
    Join Date
    Aug 2008

    Arrow Check Apache weak SSL/TLS Ciphers (SSLCipherSuite)

    we have installed csf firewall AND i have seen warning for Check Apache weak SSL/TLS Ciphers (SSLCipherSuite)
    Cipher list []. Due to weaknesses in the SSLv2 cipher you should disable SSLv2 in WHM > Apache Configuration > Global Configuration > SSLCipherSuite > Add -SSLv2 to SSLCipherSuite and/or remove +SSLv2. Do not forget to Save AND then Rebuild Configuration and Restart Apache, otherwise the changes will not take effect in httpd.conf
    Should we disable this option as mention above

    We are using
    cPanel 11.24.5-R37946
    WHM 11.24.2 - X 3.9
    CENTOS 5.3 i686 standard

  2. #2
    Join Date
    Aug 2000
    We have it disabled on our servers - it's probably a good idea to disable it

  3. #3
    Indeed. Disabling SSLv2 and other weak encryption methods is a good idea. It also helps in achieving PCI compliance (in case you go for that in future).

Similar Threads

  1. Check- Install - test Mod_rewrite apache 2
    By Blueheaven in forum Hosting Security and Technology
    Replies: 3
    Last Post: 03-30-2005, 08:00 PM
  2. check reason why Apache restart
    By HD Fanatic in forum Dedicated Server
    Replies: 5
    Last Post: 03-28-2005, 03:14 PM
  3. My javascript-fu is weak...
    By Zopester in forum Web Design and Content
    Replies: 5
    Last Post: 07-20-2004, 06:10 AM
  4. How do check apache version
    By LCHwebHost in forum Hosting Security and Technology
    Replies: 14
    Last Post: 11-01-2003, 10:36 AM
  5. not for weak stomachs
    By zdwebhosting in forum Web Hosting Lounge
    Replies: 31
    Last Post: 02-15-2003, 06:10 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts