I have disabled SSLv2 for the main server IP by following this thread: http://www.directadmin.com/forum/showthread.php?t=22787
I however cannot get any of the virtual hosts to show sslv2 disabled.
I have edited and added the following to these files:
/usr/local/directadmin/data/templates/custom/ips_virtual_host.conf
/etc/httpd/conf/httpd.conf
/etc/httpd/conf/ips.conf
/etc/httpd/conf/extra/httpd-ssl.conf
/etc/httpd/conf/extra/httpd-vhosts.conf
Restarted apache (1.3.x) with no success in disabling SSLv2
Can anyone help me get this sorted?
Anyone running Apache 1.3 and passing PCI compliance? If so what did you change and in what files.
Please let me know if you need more information and I'll provide it.
I'm getting desperate to get this solved.
I however cannot get any of the virtual hosts to show sslv2 disabled.
I have edited and added the following to these files:
SSLProtocol all -SSLv2
SSLCipherSuite ALL:!SSLv2:!ADH:!aNULL:!eNULL:!NULL:!EXP:-MEDIUM:+HIGH
/usr/local/directadmin/data/templates/custom/ips_virtual_host.conf
/etc/httpd/conf/httpd.conf
/etc/httpd/conf/ips.conf
/etc/httpd/conf/extra/httpd-ssl.conf
/etc/httpd/conf/extra/httpd-vhosts.conf
Restarted apache (1.3.x) with no success in disabling SSLv2
Can anyone help me get this sorted?
Anyone running Apache 1.3 and passing PCI compliance? If so what did you change and in what files.
Please let me know if you need more information and I'll provide it.
I'm getting desperate to get this solved.