• Plesk Uservoice will be deprecated by October. Moving forward, all product feature requests and improvement suggestions will be managed through our new platform Plesk Productboard.
    To continue sharing your ideas and feedback, please visit features.plesk.com

PCI Complience SSLv3 for Plesk Control Panel

P

prussell

Guest
I recently upgraded from the Plesk 8.1 version on Windows to 9.5. Version 8.1 was running in IIS. The new version of Plesk is running from Apache. I am trying to pass PCI Scan and the last problem I have is a SSLv2 vulnerability. I have already made the adjustments for IIS in the registry, but not for tcp/8443 which is running from apache.

How do I configure Apache to only use SSLv3.

Thanks
Patrick
 
Hi IgorG

Yes, I have read and made the modifications for a Windows Server according to the guide. The problem is that Plesk Panel is now using Apache instead of IIS. Even though I have disabled PCT1 and SSLv2 per the Windows section of the guide, the Plesk Panel & Apache is still using SSLv2. The guide does not cover PCI Complience for Apache on Windows.

I can't run the resolver described in the Linix/FreeBSD section of the guide. Is there a way to do it manually?

Thanks
Patrick
 
Yes that would be an option.

Thanks Igor

Regards
Patrick
 
You must log in or register to reply here.

Similar threads

K
Question Why am I unable to login via FTP to version 18.0.70 Update #1
Replies
2
Views
1K
Kwasi
K
NateWon
Question Composer and default PHP version
Replies
1
Views
873
Kaspar
K
Z
Issue Major security inconsistency in Plesk admin access control logic
Replies
7
Views
2K
zigzag
Z
jola
Issue Firewall stops working
Replies
7
Views
2K
Peter van der Kleij
P
JerryTek101
Issue AtomicCorp Advanced Mod Security ruleset not installing latest rules - Debian 12 - Version 18.0.67
Replies
2
Views
2K
Sebahat.hadzhi
Sebahat.hadzhi
Back
Top