Protect your WHM/cPanel server against poodle/SSL3 issues

Follow

When testing your server for SSL issues on the site - https://www.ssllabs.com/ssltest/analyze.html the results come back with a poor score and list of problems that need to be rectified.

These steps will help secure a high score for you.

 

1) Log into WHM

2) Select Service Configuration

3) Select Apache Configuration

4) Select Include Editor

5) Select "Pre Main Include"

6) Paste the following into the textbox:

Header add Strict-Transport-Security “max-age=31536000″
SSLHonorCipherOrder On
SSLProtocol All -SSLv2 -SSLv3
SSLCompression off
SSLCipherSuite ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!CAMELLIA:!DES:!MD5:!PSK:!RC4

7) Click "Save"

8) Click "Restart Apache"

 

 

Have more questions? Submit a request

Comments

Powered by Zendesk