• Plesk Uservoice will be deprecated by October. Moving forward, all product feature requests and improvement suggestions will be managed through our new platform Plesk Productboard.
    To continue sharing your ideas and feedback, please visit features.plesk.com

Disabling SSLv2 on a per-site basis?

H

Hostasaurus@

Guest
To achieve PCI compliance on a server for a customer website, we're trying to disable the acceptance of SSLv2 for just that customer's site. I've added the following to their vhost_ssl.conf without success:

SSLProtocol all -SSLv2

The apache documentation indicates that SSLProtocol is a command that can be used in both global and virtual host levels so the addition to the vhost_ssl.conf should have made this work. I ended up having to add it to the /etc/httpd/conf.d/ssl.conf at the global level to make it work. Do you know why that would have not worked in vhost_ssl.conf? Other statements in the vhost_ssl.conf are working fine so I know it's being included properly.
 
You must log in or register to reply here.

Similar threads

carlsson
Resolved Panic! Site crashed and restoring backup fails
Replies
18
Views
4K
carlsson
carlsson
S
Apache does not apply .htaccess directives for certain files after migration through Plesk Migrator
Replies
2
Views
4K
NewGate
N
M
Question Email Security Pro command line per user settings
Replies
1
Views
2K
Mike99
M
F
Issue Downloads abort after 1gb or a bit later
Replies
6
Views
3K
mow
M
L
Question TLS 1.3 on Litespeed webservers / Obsidian
Replies
0
Views
2K
lenala
L
Back
Top