How to Disable the Weak Ciphers – Apache/IHS


SSL Cipher is an encryption algorithm, which is used as a key between two computers over the Internet. Data encryption is the process of converting plain text into secret ciphered codes.

It’s based on your web server SSL Cipher configuration and strong protocol that allows data encryption to take place.

So it’s important to configure SSL Cipher and enable above TLS 1.1 & TLS 1.1, which is stronger and not vulnerable.



RC4 & MD5 cipher algorithms are considered vulnerable ciphers.

  • Go to conf folder of your web server (or) edit your virtual host file
  • Modify SSLCipherSuite  directive in httpd-ssl.conf as below to accept only higher encryption algorithms
  • Set your Protocols to accept only TLSV1.2 and TLSv1.1. If you could afford it you can remove the TLS1.1 as well and keep only TLSv1.2 ( By doing this you can disable the SSLV2, SSLv3)
SSLProtocol +TLSv1.1 +TLSv1.2

Save the configuration file and restart apache server

Note: if you have many weak ciphers in your SSL auditing report, you can quickly reject them adding ! at the beginning. of whatever the cipher name is specified


Follow me on Linkedin My Profile
Follow DevopsJunction onFacebook orTwitter
For more practical videos and tutorials. Subscribe to our channel

Buy Me a Coffee at

Signup for Exclusive "Subscriber-only" Content