
Beast vulnerability Configuration

Question asked by Sarun Raj on Mar 29, 2015
Latest reply on Mar 29, 2015 by Sarun Raj

Hi fellow members, I need your help solving the issue that I am having regarding the BEAST vulnerability.

 

Recently a scan of a website failed due to the following reason.

 

Summary: Server is susceptible to Beast attack Server accepted TLS 1.0 CBC cipher: TLS_RSA_with_3DES_EDE_CBC_SHA

 

After doing some research I found I need to add these lines to the configuration file

 

SSLHonorCipherOrder On

 

SSLCipherSuite ECDHE-RSA-AES128-SHA256:AES128-GCM-SHA256:RC4:HIGH:!MD5:!aNULL:!EDH

 

My problem is, which configuration file should I add these lines to? Is it inside httpd.conf or inside mod_ssl, or am I just going the wrong way? Can anyone please clarify this for me?

 

Thanks in advance.
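
One way to see where these two mod_ssl directives are actually set is to walk the main configuration file and everything it pulls in with Include, recording the file, line and scope of each hit. The Python below is an added example, not part of the original post; the `locate` helper, the file names and the sample configuration are constructed assumptions, with paths taken as relative to an assumed ServerRoot.

```python
import fnmatch
import re

# Constructed sample layout (file names and contents are assumptions, not from the post).
FILES = {
    "conf/httpd.conf": (
        "LoadModule ssl_module modules/mod_ssl.so\n"
        "Include conf.d/*.conf\n"
    ),
    "conf.d/ssl.conf": (
        "Listen 443\n"
        "SSLHonorCipherOrder On\n"
        "<VirtualHost _default_:443>\n"
        "  SSLEngine on\n"
        "  # SSLCipherSuite HIGH:!aNULL\n"
        "  SSLCipherSuite ECDHE-RSA-AES128-SHA256:AES128-GCM-SHA256:RC4:HIGH:!MD5:!aNULL:!EDH\n"
        "</VirtualHost>\n"
    ),
}
WANTED = {"sslhonorcipherorder", "sslciphersuite"}

def locate(files, root, seen=None):
    """Walk root and its Include/IncludeOptional targets; return
    (file, line number, context, directive, value) for each wanted directive."""
    seen = set() if seen is None else seen
    if root in seen:  # guard against include loops
        return []
    seen.add(root)
    hits, context = [], "server config"
    for no, raw in enumerate(files[root].splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):  # skip blanks and commented-out directives
            continue
        parts = line.split(None, 1)
        name, value = parts[0], (parts[1].strip() if len(parts) > 1 else "")
        opened = re.match(r"<VirtualHost\s+([^>]+)>", line, re.I)
        if opened:
            context = "VirtualHost " + opened.group(1).strip()
        elif line.lower() == "</virtualhost>":
            context = "server config"
        elif name.lower() in ("include", "includeoptional"):
            for target in sorted(fnmatch.filter(files, value)):
                hits += locate(files, target, seen)
        elif name.lower() in WANTED:
            hits.append((root, no, context, name, value))
    return hits

if __name__ == "__main__":
    for hit in locate(FILES, "conf/httpd.conf"):
        print(hit)
```

Both directives are accepted in the main server configuration and inside a `<VirtualHost>` block, so the context field shows which scope each setting applies to.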
