How to force SSLv3 ssl_cipher option in DirectAdmin
Edit - /usr/local/directadmin/conf/directadmin.conf file
directadmin.conf option called:
ssl_cipher=
default value is internally ‘null’ (not used).
If anything is set for that variable (has to be added) then those values are passed to the ssl function:
SSL_set_cipher_list
so as to enforce which versions of ssl are allowed to connect.
The main reason to use this feature is to pass low level security scans which don’t like SSLv2.
A sample value for this option would be:
ssl_cipher=ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:-LOW:-SSLv2:-EXP
Reference - http://www.directadmin.com/
Leave a Reply
You must be logged in to post a comment.
