Remediation Steps

Follow the steps below to remediate this finding on an Apache web server.

  1. In your Apache SSL configuration (e.g., ssl.conf or VirtualHost), set:

    SSLCipherSuite ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:!aNULL:!NULL:!EXPORT:!DES:!RC4:!MD5
    SSLHonorCipherOrder on
  2. Reload Apache:

    sudo systemctl reload apache2
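
To confirm the setting before reloading, the following check lints a config file against the two directives above. It is an added example, not part of the original remediation text; the function name `check_ssl_conf` and the weak-cipher pattern are assumptions derived from the exclusions listed in step 1, and it reads a single file without following `Include` directives or per-VirtualHost scoping.

```shell
#!/usr/bin/env bash
# Added example: lint an Apache SSL config against the remediation above.
# Prints one finding per line; returns 0 when clean, 1 otherwise.

REQUIRED_EXCLUSIONS='!aNULL !NULL !EXPORT !DES !RC4 !MD5'  # exclusions from step 1
WEAK_PATTERN='NULL|EXPORT|DES|RC4|MD5'                     # must not appear in an enabled token

check_ssl_conf() {
    local conf="$1" rc=0 suite order token excl
    # Last uncommented directive in the file wins. The protocol-qualified
    # three-field form (SSLCipherSuite <protocol> <spec>) is skipped.
    suite=$(awk 'tolower($1)=="sslciphersuite" && NF==2 {v=$2} END{print v}' "$conf")
    order=$(awk 'tolower($1)=="sslhonorcipherorder" {v=tolower($2)} END{print v}' "$conf")

    if [ -z "$suite" ]; then
        echo "MISSING: SSLCipherSuite"
        return 1
    fi
    [ "$order" = "on" ] || { echo "MISSING: SSLHonorCipherOrder on"; rc=1; }

    # Every exclusion from the remediation must be present as its own token.
    for excl in $REQUIRED_EXCLUSIONS; do
        case ":$suite:" in
            *":$excl:"*) ;;
            *) echo "MISSING exclusion: $excl"; rc=1 ;;
        esac
    done

    # Tokens without a leading '!' or '-' enable a cipher or cipher class.
    local IFS=':'
    for token in $suite; do
        case "$token" in
            '!'*|'-'*) continue ;;
        esac
        if printf '%s\n' "$token" | grep -Eq "$WEAK_PATTERN"; then
            echo "WEAK cipher enabled: $token"; rc=1
        fi
    done
    return $rc
}

# Run against a file when a path is given, e.g. the ssl.conf edited in step 1.
if [ "$#" -gt 0 ]; then
    check_ssl_conf "$1"
fi
```

A clean result only covers the file passed in; `apachectl configtest` still validates the full configuration syntax before the reload.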