How to disable SSL2.0 in apache
by admin on Jan.11, 2012, under DirectAdmin
To disable the SSL2.0 protocol (thus forcing 3.0),
for apache 1.3, find the line:
#SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
and change it to:
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:!SSLv2:+EXP:+eNULL
Note the 2 changes: a) remove the # character at the beginning of the line, and b) change +SSLv2 to !SSLv2
For apache 2.x, do the same thing, but instead it will be in the /etc/httpd/conf/ssl.conf file, or for the new apache system, /etc/httpd/conf/extra/httpd-ssl.conf (if you have both files, just change it in both).
Related posts:
- How to downgrade from apache 2 back to apache 1.3 If you need to go back to apache 1.3 after...
- Apache won’t start and there is nothing in the logs Chance are, if apache isn’t starting and isn’t logging anything,...
- Apache won’t start after update on FreeBSD An issue with php/apache is causing apache not to start...
- Apache stops responding but is running A few things that could cause that are: Possible Causes:...
Related posts brought to you by Yet Another Related Posts Plugin.
No comments for this entry yet...
