« previous next »
Pages: [1]

Author Topic: Trying to turn off support for TLSv1 and v1.1  (Read 2656 times)

0 Members and 1 Guest are viewing this topic.

Offline
wex65
*
Trying to turn off support for TLSv1 and v1.1
« on: May 24, 2021, 09:30:52 PM »
Probably like many others I am trying to prevent TLSv1 and TLSv1.1 from being used, mainly to meet PCI requirements. After doing a little research it seems I needed to insert the following line into the /usr/local/apache/conf.d/ssl.conf file

SSLProtocol all -SSLv3 -SSLv2 -TLSv1 -TLSv1.1

I restarted apache using the CWP dashboard but still get notifications that my site does support TLS1 and 1.1. Can anyone give me a pointer on next steps? If I make a typo on that line apache will not start so I know it is at least reading that file.

Should I be doing this somewhere else or in CWP??

Thanks,
wex
Logged
Offline
Sandeep
*****
Re: Trying to turn off support for TLSv1 and v1.1
« Reply #1 on: May 25, 2021, 02:19:07 AM »
Logged
Offline
wex65
*
Re: Trying to turn off support for TLSv1 and v1.1
« Reply #2 on: May 25, 2021, 12:21:30 PM »
Sandeep, many thanks for the reply. The server is already up and running so I am a little wary about re-installing everything from scratch. I was hoping there was an edit I could make to an existing conf file to prevent TLSv1 and v1.1 but assuming that to NOT be the case will look at this link this weekend during some downtime for the site.

Many thanks again.
Logged
Offline
Namaste
***
Re: Trying to turn off support for TLSv1 and v1.1
« Reply #3 on: June 08, 2021, 03:03:46 PM »
/usr/local/apache/conf.d/ssl.conf

SSLProtocol All -SSLv2 -SSLv3 -TLSv1 -TLSv1.1
Logged
Listen to everything Pixelpadre says.
Pages: [1]
« previous next »