1. M

    TLS Version 1.1 Protocol Deprecated in CISA scans.

    I'm running cent os 7.9 with whm and using litespeed server. where do I change this setting to disable older tls? all online documentation is not helping me find the real setting. Home / Service Configuration / Apache Configuration / Global Configuration all -SSLv2 -SSLv3 -TLSv1 -TLSv1.1...
  2. T

    how to use dhparam 4096

    Cpanel's default support for secure parameters for Diffie-Hellman key exchange is not optimal, and even considered insufficient by some official organisations. See for example : IT Security Guidelines for Transport Layer Security (TLS) That's why I want to increase them. This is what I've...
  3. amstel

    SSL/TLS: Renegotiation DoS Vulnerability

    Hi, I have been running a security scan on one of my website. A scanner has found that issue: SSL/TLS: Renegotiation DoS Vulnerability (CVE-2011-1473, CVE-2011-5094) Summary The remote SSL/TLS service is prone to a denial of service (DoS) vulnerability. Insight The flaw exists because the...
  4. A

    MySql TLS version wannings

    Hello, MySql server is showing following wannings. A deprecated TLS version TLSv1 is enabled. Please use TLSv1.2 or higher. CA certificate ca.pem is self signed. I checked for updates and it is stating mysqld 5.7.40 and saying all packages are updated. Please help me fix this issue...
  5. M

    WHM: How to solve SMTP lacking PTR record or record not same as SMTP Banner and also SMTP doesn't support TLS

    I have over the years had persistent issues with TLS and, separately, rDNS PTR records. With some work some years ago (pre-covid!) this was resolved and everything was hunky dory. Now, for some reason, the issue has returned according to which states that for every domain on one...
  6. rivermobster

    Best TLS Settings in WHM

    Does this look like something I should actually do? Paste these three lines in the editor, then click on Update: Header set Strict-Transport-Security "max-age=31536000" env=HTTPS Header always set X-XSS-Protection "1...
  7. O

    Received certificate chain could not be verified

    Hello, for some reason i began receive this error when i try ftp connection. I haven't touched the FTP settings for many months so I think some update may have caused this. Has anyone gone through this? If yes, how to solve? Best regards.
  8. H

    Let's Encrypt - Certificate not working

    Hi. i am using Let's Encrypt for my server and for some reason some clients are complaining about non working tls sertificate and https not working on my site. Any ideas on how to dig further where to find the problem? Chrome on android said (acording to the customer) ...
  9. cPAdminsMichael

    Enforce/require TLS

    Hi guys, Now my time for a question :) I got a good question from a client. According to the "new" GDPR policy in EU, companies are obligated to enforce TLS1.2 in all mail communication that includes PII from client to destination mailserver. cPanel by default require TLS1.2 for...
  10. V

    SOLVED incoming mail tls error connection

    Hello When mail is sent to our server from a service provider, mails do not reach, we see a tls error when we look at the exim_mainlog. We activated TLS 1.0 and 1.1 for trial purposes, but there was no solution. There is no blocking between the 2 servers. 2021-08-16 09:18:13 TLS error on...
  11. C

    Possible Bug: TLS 1.3 not available with NGINX

    An online security checking website finds that my VPS site supports TLS 1.2, but not TLS 1.3. When I pull up my site's home page in Firefox, click on the lock icon, click on "Connection Secure", then on "More Information", under "Technical Details" it does indeed show encryption with TLS 1.2...
  12. mlopez

    SOLVED Default TLS version for mail server

    I would like to know the default (or the available) TLS version of cPanel (92.0.9). A user is asking me which of the following are acceptable: TLSv1, TLSv1.1, TLSv1.2 or TLSv1.3 Thank you in advance
  13. T

    Need to temporarily enable TLSv1

    I need to enable TLSv1 and TLSv1.1 on our server temporarily, for one of our apps that requires it still, for now. However, cPanel is no longer allowing that the "standard way". Editing the values in httpd.conf do not seem to do anything. How should I proceed? Thanks!
  14. B

    TLS 1.2 Not Enabled in Wordpress

    Hello, I installed the "tls1.2 compatibility test" plugin in Wordpress and it reports that tls 1.2 is disabled and can't curl to " cURL error 6: Could not resolve host: " I did google and read the documentation but can't figure it out. Under Glogbal Apache settings, I set...
  15. L

    unable to disable TLS v1, v1.1

    There are some other threads regarding this issue but they've not helped solve the problem, and most reference older versions of WHM. I'm trying to disable TLS v1 and v1.1 on my WHM/cPanel server, running WHM v90.0.18. I've navigated to Home > Service Configuration > Apache Configuration >...
  16. V

    Apache TLS 1.0 support Cpanel 90 version

    Hi; It seems that apache TLS version 1.0 support has been completely removed in Cpanel 90 version, these directives are no longer accepted when we want to activate TLS 1.0 with global configuration. Those using old browsers still use tls 1.0, how can we get this support back?
  17. P

    SMTP TLS , DMARC Record and some mailing related issues.

    Hey Buddies ! I want to improve my mail delivery , please help me. In MXtoolbox , when I tested my Server's SMTP then it shows some issues - SMTP TLS Warning - Does not support TLS. SMTP Banner Check Reverse DNS does not match SMTP Banner SMTP Transaction Time 15.578 seconds - Not good! on...
  18. M

    Support of TLS 1.3 - Questions

    Hi, I hope your day is going well! I'm not yet an CPanel user but i really have a question to ask. Does CPanel support actually TLS 1.3? I found this: Add Support for TLS 1.3, from that page seems the support has been added but TLS 1.3 is not the default. From I can understand user can set TLS...
  19. P

    How to Enable SMTP TLS on CPanel Server ?

    Hello Sir , when I ran SMTP Test For MY IP through Mxtoolbox then I find these issues - Name :- SMTP Banner Check Response :- Reverse DNS does not match SMTP Banner. Name :- SMTP TLS Response :- Warning - Does not support TLS. Name :- SMTP Transaction Time Response :- 18.639 seconds - Not...
  20. M

    Enable TLS 1.3

    Hi, I have: CloudLinux + WHM/cPanel + LiteSpeed When i install WHM/cPanel in a new server, i need do anything for enable TLS 1.3?. I need do anything in CloudLinux or LiteSpeed?. Thank you very much.