SSL Cipher is an encryption algorithm, which is used as a key between two computers over the Internet. Data encryption is the process of converting plain text into secret ciphered codes.
It’s based on your web server SSL Cipher configuration and strong protocol that allows data encryption to take place.
So it’s important to configure SSL Cipher and enable above TLS 1.1 & TLS 1.1, which is stronger and not vulnerable.
RC4 & MD5 cipher algorithms are considered vulnerable ciphers.
- Go to
conf folder of your web server (or) edit your virtual host file
SSLCipherSuite directive in
httpd-ssl.conf as below to accept only higher encryption algorithms
- Set your Protocols to accept only TLSV1.2 and TLSv1.1. If you could afford it you can remove the TLS1.1 as well and keep only TLSv1.2 ( By doing this you can disable the SSLV2, SSLv3)
SSLProtocol +TLSv1.1 +TLSv1.2
Save the configuration file and restart apache server
Note: if you have many weak ciphers in your SSL auditing report, you can quickly reject them adding ! at the beginning. of whatever the cipher name is specified
Follow me on Linkedin My Profile
Follow DevopsJunction onFacebook orTwitter
For more practical videos and tutorials. Subscribe to our channel
Signup for Exclusive "Subscriber-only" Content
More from Middleware Inventory
Denial of Service or Slow Loris – Apache/IHS
Overview A Slowloris or Slow HTTP DoS attack is a type of denial of service that can affect thread-based web servers such as Apache. This means that your Apache web servers for Faspex or Console are vulnerable to this attack (applications based on nginx, such as Shares, are safe). The attack exploits…
Disable WebServer Banner Apache/IHS
Overview Don’t display or send Apache version (Set ServerTokens) By default, the server HTTP response header will contains apache and php version. Something similar to the following. This is harmful, as we don’t want an attacker to know about the specific version number. Apache can reveal information by default configuration,…
Cross Site Scripting Attack - Apache/IHS
Overview Cross Site Scripting (XSS) protection can be bypassed in many browsers. You can apply this protection for a web application if it was disabled by the user. This is used by a majority of giant web companies like Facebook, Twitter, Google, etc. Solution Go to $Web_Server/conf directory Open…
Apache Webserver Basic Authentication using htpasswd - How to
Overview To Secure the Apache Virtualhost (or) a particular document root /directory. We can use this Basic Auth mechanism. When the user is trying to access the resource from the directory. User will be prompted for Authentication. Step1 Create a Password file with username and password entry using htpasswd tool. Available…
How to integrate weblogic and apache web server - Steps
Weblogic and Apache Webserver integration To Integrate Weblogic Application server with Apache Webserver, We have to install weblogic plugin on the Apache HTTP Server. Plugins for Apache will be available on Oracle (or) you can find them in your weblogic installed location under " ServerRoot/server/plugins" Under plugins directory of weblogic server…