bryantpcsolutions wrote
In doing a network scan I cannot figure out how to disable the "Weak Ciphers" in the config file. This is what it says (I have actually removed most but scans still say it's there):
<ciphers>RC4-SHA:HIGH:MEDIUM:LOW:DEFAULT:-EXP:!SSLv2:!ADH:!aNULL:!eNULL:!NULL</ciphers>
Any ideas?
On pre-2.11 versions of Abyss Web Server, the RC4 cipher was active. On these versions, you should change the cipher suite to the following line:
EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH EDH+aRSA !aNULL !eNULL !LOW !3DES !MD5 !EXP !PSK !SRP !DSS !RC4
This parameter is available in the section described in
http://www.aprelium.com/data/doc/2/abyssws-win-doc-html/hosts-configuration.html#HOSTS-GENERAL-ADVANCED-SECURELAYER
This should remove RC4 from the list of negotiated ciphers.
We suggest using Qualys SSL Labs' test, available at
https://www.ssllabs.com/ssltest/, to validate your HTTPS site and test it against vulnerabilities and certificate issues.
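
A static check of the two cipher strings quoted in this thread, added here as an example (it is not Aprelium's code). It assumes the `<ciphers>` value is an OpenSSL cipher list, where `!X` removes a class permanently and `-X` removes it only until a later entry re-adds it; the function names and the list of weak classes are this example's own choices.

```python
import re

# Weak classes that should carry a permanent "!" exclusion (taken from the
# recommended string); each maps to the OpenSSL keywords that name it.
WEAK = {"RC4": {"RC4"}, "3DES": {"3DES"}, "MD5": {"MD5"},
        "EXP": {"EXP", "EXPORT"}, "LOW": {"LOW"},
        "aNULL": {"aNULL"}, "eNULL": {"eNULL", "NULL"}}

def audit(cipher_string):
    """Return {weak_class: status} for one OpenSSL cipher list."""
    banned, soft, enabled = set(), set(), set()
    for tok in re.split(r"[:, ]+", cipher_string.strip()):  # OpenSSL separators
        if tok.startswith("!"):      # permanent removal, can never be re-added
            banned.add(tok[1:])
        elif tok.startswith("-"):    # soft removal, a later entry can re-add it
            soft.add(tok[1:])
        elif tok and tok[0] != "+":  # selection ("+X" only reorders the list)
            enabled.update(re.split(r"[+-]", tok))
    report = {}
    for cls, names in WEAK.items():
        if names & banned:
            report[cls] = "excluded"
        elif names & enabled:
            report[cls] = "explicitly enabled"
        elif names & soft:
            report[cls] = "soft-removed only"
        else:  # depends on what HIGH, DEFAULT, EECDH... expand to on the server
            report[cls] = "not excluded"
    return report

def audit_config(text):
    """Audit every <ciphers>...</ciphers> value found in the config text."""
    return [audit(v) for v in re.findall(r"<ciphers>(.*?)</ciphers>", text, re.S)]

# Constructed input: the two cipher strings quoted in this thread.
BEFORE = ("<ciphers>RC4-SHA:HIGH:MEDIUM:LOW:DEFAULT:-EXP:!SSLv2:!ADH:"
          "!aNULL:!eNULL:!NULL</ciphers>")
AFTER = ("<ciphers>EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 "
         "EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH "
         "EDH+aRSA !aNULL !eNULL !LOW !3DES !MD5 !EXP !PSK !SRP !DSS !RC4"
         "</ciphers>")

if __name__ == "__main__":
    for label, conf in (("before", BEFORE), ("after", AFTER)):
        for cls, status in audit_config(conf)[0].items():
            print(f"{label:6} {cls:6} {status}")
```

A "not excluded" result does not prove the class is negotiated, only that nothing in the string rules it out; confirm against the running server with the SSL Labs test mentioned above.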