We are happy to announce that Vesta is back under active development as of 25 February 2024. We are working on v1 candidate and expect to engage more with the community over the coming months. We are committed to open source, and we encourage contributors to help us build the future of Vesta.
How can I Disable SSL Cipher Suites?
How can I Disable SSL Cipher Suites?
Hello,
I want to disable some ssl cipher suites in my server but I didin't find the correct config files, right now my website is running nginx as a reverse proxy and I need to disable the following ciphers:
I tried modifying /etc/nginx/nginx.conf but I had no luck.
I want to disable some ssl cipher suites in my server but I didin't find the correct config files, right now my website is running nginx as a reverse proxy and I need to disable the following ciphers:
Code: Select all
TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 (0x9f)
TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 (0x9e)
TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 (0x6b)
TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 (0x67)
TLS_DHE_RSA_WITH_AES_256_CBC_SHA (0x39)
TLS_DHE_RSA_WITH_AES_128_CBC_SHA (0x33)
TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA (0x16)
TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA (0x88)
TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA (0x45)
Re: How can I Disable SSL Cipher Suites?
Hi,
How can I disable everything except TLSv1.2, running on apache only?
EDIT:
Solved by just adding in /etc/httpd/conf/httpd.conf
How can I disable everything except TLSv1.2, running on apache only?
EDIT:
Solved by just adding
Code: Select all
SSLProtocol TLSv1.2