Disabling SSLv2 for PCI compliance

[akiva]

Hi

I've RTFM. I've googled. I've tried every possible change to every possible config file suggested.

And SSLv2 stayed active (according to our PCI security check)

Anyone have any suggestions?

TIA

 

[arctic_ged]

I have the same problem.. have you had any luck fixing this?

 

[McMac@]

ALL:!aNULL:!ADH:!eNULL:!LOW:!EXP:!SSLv2:RC4+RSA:+HIGH:+MEDIUM

in

/var/qmail/control/tlsserverciphers

and

var/qmail/control/tlsclientciphers


then restart Qmail

 

[Amin Taheri]

if you mean SSL v2 in apache try here - this worked for me
http://www.pleskhosts.com/forum/showthread.php?t=28

 

[akiva]

Originally posted by McMac
ALL:!aNULL:!ADH:!eNULL:!LOW:!EXP:!SSLv2:RC4+RSA:+HIGH:+MEDIUM
in
/var/qmail/control/tlsserverciphers
and
var/qmail/control/tlsclientciphers
then restart Qmail

Thanks -- the two files don't exist -- I assume I can just create them? What permissions do I need to assign?

And how do I restart qmail? the qmail FAQ gives a method, but it didn't seem to work for me...

thanks

 

[breun]

And how do I restart qmail? the qmail FAQ gives a method, but it didn't seem to work for me...

You can restart qmail using Plesk under Server -> Service Management. I don't know what distro you're running, but I can use 'service qmail restart' on CentOS.

 

[akiva]

Thanks -- that did it

(I had been trying from the command line...)

 

[genxer]

The quickest fix we found was using hackersafe/scan alert.

Ours passed no issues