-DELETE -SSL Ciphers - Weak SSL Cipher Detected

Here at Total Server Solutions we spend a lot of time ensuring our servers are PCI Compliant. Some of our clients on VPS Systems and on Dedicated Servers however may not be 100% compliant due to their own internal server management and software control. One of the more frequent items that come up are the "Weak Ciphers" flag. The Ciphers that we recommend at Hands-on Web Hosting are the following: ALL:!aNULL:!ADH:!eNULL:!LOW:!EXP:!SSLv2:+SSLv3:+TLSv1:RC4+RSA:+HIGH:+MEDIUM

The above settings are stronger encryption than what most PCI Companies recommend but are accepted by the top 4 PCI Scanning companies as compliant code. To modify, go into your WHM, click the APACHE CONFIGURATION under the SERVICE CONFIGURATION section, then enter the above ciphers into the first part on that page. Once you click save, it will ask to rebuild the apache configuration, and you'll click that too. Have the PCI Company re-run the scan and the ciphers should pass without an issue.

  • Email, SSL
  • 9 Users Found This Useful
Was this answer helpful?

Related Articles

How do I find my root password?

1) Log into your billing account: https://portal.my-tss.com/clientarea.php 2) Click on the...

How to generate a CSR in WHM

You would like to purchase or transfer an SSL certificate but need a CSR to do so. Here's how to...

Changing ip addresses

To move an account from one ip to another in WHM:1) Log into WHM using root login details....

-DELETE How to downgrade MySQL from Version 5 to Version 4

If you've upgraded your MySQL Software to the newest version but for whatever reason need to...

How to disable Recursive DNS Lookups

A very common PCI Issue is related to the DNS servers.  In order to be PCI Compliant you must...