AnsweredAssumed Answered

How to disable RC4 cipher, which is weak

Question asked by |Mark| on Dec 15, 2014
Latest reply on Dec 15, 2014 by |Mark|

Hi,

after recent scan on SSL LAB i see my grade is set to B because RC4 is supported by my Apache server.

How i can disable RC4 so have a security level for SSL?

 

Also a question,

in the past i have added to my apache configuration SSL directive

 

SSLProtocol all -SSLv2 -SSLv3

SSLHonorCipherOrder on

and under SSLCipherSuite followed by a code, can i past here or is something to keep private? (i mean SSLCipherSuite used by a website can be published in a form for discussion or maybe shold keep private?)

 

Wih this lines in apache my SSL security on SSL LAB was A - but now is B because i see RC4 support yellow message.

 

So can you told me how to set my grade up maybe the right SSLCipherSuite for have grade set to A +?

 

Many thanks.

I hope in a reply

 

| Mark |

 

 

Messaggio modificato da Mark B

Outcomes