1. Please take a little time for this simple survey! Thank you for participating!
    Dismiss Notice
  2. Dear Pleskians, please read this carefully! New attachments and other rules Thank you!
    Dismiss Notice
  3. Dear Pleskians, I really hope that you will share your opinion in this Special topic for chatter about Plesk in the Clouds. Thank you!
    Dismiss Notice

Disabling SSLv2 for PCI compliance

Discussion in 'Plesk for Linux - 8.x and Older' started by akiva, Jun 25, 2007.

  1. akiva

    akiva Guest

    0
     
    Hi

    I've RTFM. I've googled. I've tried every possible change to every possible config file suggested.

    And SSLv2 stayed active (according to our PCI security check)

    Anyone have any suggestions?

    TIA
     
  2. arctic_ged

    arctic_ged Guest

    0
     
    I have the same problem.. have you had any luck fixing this?
     
  3. McMac@

    McMac@ Guest

    0
     
    ALL:!aNULL:!ADH:!eNULL:!LOW:!EXP:!SSLv2:RC4+RSA:+HIGH:+MEDIUM

    in

    /var/qmail/control/tlsserverciphers

    and

    var/qmail/control/tlsclientciphers


    then restart Qmail
     
  4. Amin Taheri

    Amin Taheri Golden Pleskian Plesk Certified Professional

    33
     
    Joined:
    Jul 5, 2007
    Messages:
    1,398
    Likes Received:
    1
    Location:
    Seattle Area
  5. akiva

    akiva Guest

    0
     
    Thanks -- the two files don't exist -- I assume I can just create them? What permissions do I need to assign?

    And how do I restart qmail? the qmail FAQ gives a method, but it didn't seem to work for me...

    thanks
     
  6. breun

    breun Golden Pleskian

    29
     
    Joined:
    Jun 28, 2005
    Messages:
    1,647
    Likes Received:
    0
    You can restart qmail using Plesk under Server -> Service Management. I don't know what distro you're running, but I can use 'service qmail restart' on CentOS.
     
  7. akiva

    akiva Guest

    0
     
    Thanks -- that did it

    (I had been trying from the command line...)
     
  8. genxer

    genxer Guest

    0
     
    The quickest fix we found was using hackersafe/scan alert.

    Ours passed no issues
     
Loading...