Page tree
Skip to end of metadata
Go to start of metadata

For cPanel & WHM version 62

(Home >> Service Configuration >> cPanel Web Services Configuration)

Overview

The system uses cipher suites to negotiate security settings for network connections over TLS/SSL. This interface allows you to edit the TLS/SSL Cipher List for cPanel, WHM, and Webmail.

Important:

We recommend that only advanced users edit the cipher list.

Defaults

By default, cPanel & WHM uses the following cipher list for web services:

 Click to view...
ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256

By default, cPanel & WHM uses the following protocol list for web services:

 Click to view...
SSLv23:!SSLv2:!SSLv3

Edit the cipher list

To edit the cipher list, enter the appropriate cipher in the text box and click Save.

Notes:

  • The default cipher list is PCI compliant. To edit the cipher list to improve the security level on your server, read Apache's SSLCipherSuite Directive documentation.
  • We do not recommend that you edit the cipher list to lower the security level. Make certain that the cipher suite uses at least 128-bit encryption.

Edit the protocol list

To edit the protocol list, enter the appropriate protocol list in the text box and click Save.

Additional documentation

There is no content with the specified labels

There is no content with the specified labels

There is no content with the specified labels

There is no content with the specified labels