Where has apache cipher config gone?

[HostaHost]

In Plesk 10 on CentOS using Apache, the SSL cipher configuration was set in /etc/httpd/conf.d/ssl.conf via the SSLProtocol and SSLCipherSuite directives. In Plesk 11 on CentOS with Apache, that entire section of the config file is commented out. I can't find anything related to ciphers in the core apache files, in the conf.d files, in the /var/www/vhosts/domain/conf/ files or in the files in /usr/local/psa/admin/conf/generated/.

Where has the cipher configuration gone?

 

[IgorG]

There is following default values if you haven't specified these directives:

for SSLCipherSuite it is ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP

If you have istalled mod_ssl you can create file /etc/httpd/conf.d/ssl.conf with following content:

<IfModule mod_ssl.c>
SSLProtocol all -SSLv2
SSLCipherSuite это ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP
</IfModule>

BTW, SSLCipherSuite HIGH:MEDIUM:!ADH would be better.

 

[HostaHost]

We've found we need the following to get it to pass security scans:

SSLProtocol all -SSLv2
SSLHonorCipherOrder On
SSLCipherSuite RC4-SHA:HIGH:!ADH:!DH:!MD5:!aNULL:!eNULL:!SSLv2:!LOW

 

[IgorG]

We've found we need the following to get it to pass security scans:

SSLProtocol all -SSLv2
SSLHonorCipherOrder On
SSLCipherSuite RC4-SHA:HIGH:!ADH:!DH:!MD5:!aNULL:!eNULL:!SSLv2:!LOW

Thank you for useful information!