Hello,
Today my customer came up with a failed PCI report. I have enclosed a screenshot of it and am pasting the error below.
I have checked my cPanel web service configuration and the following is listed.
Can somebody let me know what changes I need to make in order to pass PCI compliance?
Code:
+++++++++++++
Port   Protocol   Service   CVSS
2083   TCP        www       5.00

Title
FAIL   TLS Version 1.0 Protocol Detection (PCI DSS)
Synopsis:
The remote service encrypts traffic using a protocol with known weaknesses.
Impact:
The remote service accepts connections encrypted using TLS 1.0. This version
of TLS is affected by multiple cryptographic flaws. An attacker can exploit
these flaws to conduct man-in-the-middle attacks or to decrypt
communications between the affected service and clients. As per PCI Security
Standards Council April 1, 2015 document `Migrating from SSL and Early TLS` all
TLS 1.0 encryption usage must include a Mitigation and Migration plan detailing
current risk management plus migration strategy off early TLS to secure TLS
versions such as TLS 1.1 or 1.2 on or before June 30, 2016. Consult the
application's documentation for information on how to upgrade TLS to version
1.1 or greater (TLS 1.2 strongly recommended) or upgrade the application to a
version that uses TLS version 1.1 or greater.
+++++++++
Code:
TLS/SSL Cipher List: ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5
TLS/SSL protocol: SSLv23:!SSLv2:!SSLv3
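Added example, not part of the original post and not cPanel's code: a small audit of the protocol string quoted above, showing which versions it leaves enabled and why the scanner still sees TLS 1.0. The token semantics (IO::Socket::SSL style), the function names and the second, stricter string are assumptions made for illustration.

```python
# Added example. Assumed syntax (IO::Socket::SSL style): "SSLv23" = any
# version may be negotiated, "!X" removes version X, a bare version name
# enables that version.
ALL_VERSIONS = ["SSLv2", "SSLv3", "TLSv1", "TLSv1_1", "TLSv1_2"]
ACCEPTABLE = {"TLSv1_1", "TLSv1_2"}  # report asks for TLS 1.1 or greater


def enabled_versions(spec):
    """Return the versions a protocol string leaves enabled, oldest first."""
    allowed, removed = set(), set()
    for token in (t.strip() for t in spec.split(":")):
        if not token:
            continue
        negate, name = token.startswith("!"), token.lstrip("!")
        if name == "SSLv23" and not negate:
            allowed.update(ALL_VERSIONS)
        elif name not in ALL_VERSIONS:
            raise ValueError(f"unknown protocol token: {token!r}")
        elif negate:
            removed.add(name)
        else:
            allowed.add(name)
    return [v for v in ALL_VERSIONS if v in allowed - removed]


def audit(spec):
    """Return (passes, offending); offending = enabled versions below TLS 1.1."""
    versions = enabled_versions(spec)
    offending = [v for v in versions if v not in ACCEPTABLE]
    return bool(versions) and not offending, offending


if __name__ == "__main__":
    # First string is the value from the post; the second is constructed.
    for spec in ("SSLv23:!SSLv2:!SSLv3", "SSLv23:!SSLv2:!SSLv3:!TLSv1"):
        ok, bad = audit(spec)
        print(f"{spec:30} {'PASS' if ok else 'FAIL'} {bad}")
```

After changing the setting, re-run the PCI scan against port 2083 to confirm that the TLS 1.0 finding no longer appears.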