• If you are still using CentOS 7.9, it's time to convert to Alma 8 with the free centos2alma tool by Plesk or Plesk Migrator. Please let us know your experiences or concerns in this thread:
    CentOS2Alma discussion

Disabling SSLv2 on a per-site basis?

H

Hostasaurus@

Guest
To achieve PCI compliance on a server for a customer website, we're trying to disable the acceptance of SSLv2 for just that customer's site. I've added the following to their vhost_ssl.conf without success:

SSLProtocol all -SSLv2

The apache documentation indicates that SSLProtocol is a command that can be used in both global and virtual host levels so the addition to the vhost_ssl.conf should have made this work. I ended up having to add it to the /etc/httpd/conf.d/ssl.conf at the global level to make it work. Do you know why that would have not worked in vhost_ssl.conf? Other statements in the vhost_ssl.conf are working fine so I know it's being included properly.
 
You must log in or register to reply here.

Similar threads

M
Question Email Security Pro command line per user settings
Replies
1
Views
1K
Mike99
M
L
Question TLS 1.3 on Litespeed webservers / Obsidian
Replies
0
Views
1K
lenala
L
Mark12345
Issue A+ SSL/TLS Test - PCI Compliance - Ciphers - Oh My
Replies
8
Views
3K
Mark12345
Mark12345
J
Can't disable TLS v1.0
Replies
12
Views
4K
TimReeves
TimReeves
T
Question Apache 2.4 - every page in my site works, expect home
Replies
3
Views
3K
ahmad314
A
Back
Top