[Webinar] Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

SSLCipherSuite Settings to enable Strong Encryption

Posted on 2008-11-05
2
Medium Priority
?
4,895 Views
Last Modified: 2012-08-14
I am running a small ecommerce web site on a LAMP system with Apache2.2.9. I've recently had a PCI Compliance scan that found weak SSL Ciphers. I've added this to my Apache ssl.conf

SSLProtocol -all +SSLv3 +TLSv1
SSLCipherSuite SSLv3:+HIGH:+MEDIUM

A subsequent PCI Scan reported weak SSL Ciphers and anonymous SSL Ciphers.

What else do I need to do to get strong encryption and disallow anonymous SSL Ciphers?

Thanks,
Rick
0
Comment
Question by:RickKnight
2 Comments
 
LVL 43

Accepted Solution

by:
ravenpl earned 750 total points
ID: 22893362
You can
openssl ciphers -v 'SSLv3:+HIGH:-MEDIUM:-LOW'
See, there there is even NULL cipher!

openssl ciphers -v 'HIGH:+MEDIUM:-LOW'
shows decent ciphers only - try it.

On the other hand You should not worry. well designed client negotiates the most stronger cipher server supports.
0
 

Author Comment

by:RickKnight
ID: 22896955
Thanks ravenpl, that's what I needed.
0

Featured Post

 The Evil-ution of Network Security Threats

What are the hacks that forever changed the security industry? To answer that question, we created an exciting new eBook that takes you on a trip through hacking history. It explores the top hacks from the 80s to 2010s, why they mattered, and how the security industry responded.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If your site has a few sections that need to be secure when data is transmitted between the server and local computer, such as a /order/ section for ordering or /customer/ which contains customer data, etc it would of course be recommended to secure…
The Internet has made sending and receiving information online a breeze. But there is also the threat of unauthorized viewing, data tampering, and phoney messages. Surprisingly, a lot of business owners do not fully understand how to use security t…
Are you ready to place your question in front of subject-matter experts for more timely responses? With the release of Priority Question, Premium Members, Team Accounts and Qualified Experts can now identify the emergent level of their issue, signal…
Is your OST file inaccessible, Need to transfer OST file from one computer to another? Want to convert OST file to PST? If the answer to any of the above question is yes, then look no further. With the help of Stellar OST to PST Converter, you can e…
Suggested Courses

864 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question