cPanel Web Disk Configuration
Valid for versions 88 through the latest version
Version:
88
Last modified: June 13, 2024
Looking for this interface?
Your hosting provider can enable or disable this interface for resellers in WHM's Edit Reseller Nameservers and Privileges interface (WHM >> Home >> Resellers >> Edit Reseller Nameservers and Privileges).
Overview
The system uses cipher suites to negotiate security settings for Web Disk network connections over TLS/SSL. This interface allows you to edit the TLS/SSL cipher and protocol lists for Web Disk.
We recommend that only advanced users edit the cipher and protocol lists.
cPanel & WHM supports Transport Layer Security (TLS) protocol version 1.2 and Transport Layer Security (TLS) protocol version 1.3:
- cPanel & WHM only supports TLSv1.2 or later. The system enables TLSv1.2 by default.
- Not all clients will support TLSv1.3, which requires OpenSSL 1.1.1 or higher.
Defaults
By default, cPanel & WHM uses the following cipher list for web services:
ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256By default, cPanel & WHM uses the following protocol list for web services:
SSLv23:!SSLv2:!SSLv3:!TLSv1:!TLSv1_1Edit the cipher list
To edit the TLS/SSL Cipher List value, perform the following steps:
- Enter the appropriate cipher in the text box.
Note:
- The default cipher list is PCI compliant. To edit the cipher list to improve the security level on your server, read Apache’s SSLCipherSuite Directive documentation.
- We do not recommend that you edit the cipher list to lower the security level. Make certain that the cipher suite uses at least 128-bit encryption.
- Click Save.
Edit the protocol list
To edit the TLS/SSL Protocol list, perform the following steps:
- Enter the appropriate protocols in the text box.
- Click Save.