Page tree
Skip to end of metadata
Go to start of metadata

Unable to render {include} The included page could not be found.

(Home >> Service Configuration >> cPanel Web Services Configuration)

Overview

The system uses cipher suites to negotiate security settings for network connections over TLS/SSL. This interface allows you to edit the TLS/SSL Cipher List for cPanel, WHM, and Webmail.

Important:

We recommend that only advanced users edit the cipher list.

By default, cPanel & WHM uses the following protocol list for web services:

SSLv23:!SSlv2:!SSv3

By default,  cPanel & WHM uses the following cipher list for web services:

ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA

Edit the cipher list

To edit the cipher list, perform the following steps:

  1. Enter the appropriate cipher in the text box.

    Note:

    • The default cipher list is PCI compliant. To edit the cipher list to improve the security level on your server, read Apache's SSLCipherSuite Directive documentation.
    • We do not recommend that you edit the cipher list to lower the security level. Make certain that the cipher suite uses at least 128-bit encryption.
  2. Click Save.

    Important:

    For your updated cipher list to take effect, you must enable the SSL Support for cPanel daemons (no stunnel) option in the System section of WHM's Tweak Settings interface (Home >> Server Configuration >> Tweak Settings).

Additional resources