
Plesk/Qmail PCI DSS issue

Posted: Mon Dec 01, 2008 10:58 am
by RichardM
I have run a scanner on my server to test for PCI DSS compliance and I have got rid of all the issues - except one!

The issue is Qmail on port 465 accepting SSLv2 and weak ciphers.

I notice that ASL takes care of Plesk admin doing this in /usr/local/psa/admin/conf/httpsd.asl.include:
SSLCipherSuite ALL:!ADH:!LOW:!SSLv2:!EXP:+HIGH:+MEDIUM
SSLProtocol all -SSLv2
Is there a way to fix Qmail likewise? (Hopefully a way that won't risk breaking the Plesk/Qmail setup!)

Posted: Mon Dec 01, 2008 8:24 pm
by scott
No, but that's a great idea. I'll add it to the feature request list!