By: ndbreeding01

November 7, 2008 12:23 pm


Resolve Cipher and SSL Threats in Security Scans

The remote service supports the use of weak SSL ciphers. Modify the /etc/apache2/vhosts.d/vhost-ssl.conf with the following line: SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL   change to: SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:!LOW:!SSLv2:!EXP:+eNULL" set in   The "!" prevents the export of the ciphers causing problems. Change +LOW to !LOW to prevent […]

Read More