Remediation Steps

Follow the steps below to remediate this finding on Plesk.

1. Log in to the Plesk control panel.

2. Navigate to Domains > your domain > SSL/TLS Certificates.

3. Use the SSL/TLS settings to configure allowed cipher suites, or navigate to Apache & nginx Settings and add the cipher configuration directives:

   ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:!aNULL:!NULL;
   ssl_prefer_server_ciphers on;

4. Click Apply.