Security is a basic requirement of the server. We will use SSLLabs, a testing project of Qualys, a company that provides strategic security solutions. In this post, we will see how to use their A+ indicator which is the industry high standard in SSL security and try to meet its requirements. The SSLLabs checker covers two substantial parts of the investigation: Authentication, which reflects details about installed SSL certificate and additional certificates provided by a server, and Configuration, which shows server settings for secure negotiation used in client-server interaction.
This blog will cover the steps to get your A+ rating on Qualys without affecting the web-server configuration.
STEP 1 :
Go to WHM >> Home -> Service Configuration -> Apache Configuration -> Global Configuration
Change the default cipher suite to the following by selecting the custom entry for cipher suits:
- SSL/TLS protocols are OK to keep set as default.
- Server Tokens are also set to “Product Only” to avoid leaking information about the server OS.
- Turn Trace Enable off per PCI recommendations and standards
- Click Save. Apache will now favor stronger protocols before others.
- Now time to set forward secrecy with a long date in advance.
Free Web hosting Support
Get help now from our team of security experts. You can try them free with a test task and you wouldn’t be disappointed.
STEP 2 :
Go to WHM >> Home -> Service Configuration -> Apache Configuration -> Include Editor
Then jump to Pre Main Include
Next, paste the following into the “Global” area:
Click ‘Update’ and Restart the Apache process
Alternatively, we can manually add this on the below configuration path,
After saving the the file restart the service by using the below command,
This will rebuild the Apache configuration as would be done from WHM and restart Apache as well.
Free Server Audit
Contact our team today and get a free security audit done by our team of server management experts.
STEP 3 :
Now test your website at Qualys SSL Labs to see the score you get, if you’ve followed instructions properly, you should have an A+
Now A+ SSL settings applied on all domains on the cPanel server that have certificates installed. By using the global pre-main includes and modifying the server wide ciphers for Apache, every domain using SSL will enjoy the same security.
Read our new exciting blog : 6 Live Chat Applications You Can Implement Right Now
Read our new exciting blog : Need, Challenges, and Impact of General Data Protection Regulation (GDPR)