To tighten security or again to pass PCI test, you can disable weak SSL cipher. Let’s do it in a host running lighttpd web server in CentOS Linux. Normally, you get message like this for this issue: Synopsis : The remote service supports the use of medium strength SSL ciphers. Description : The remote host [...]
Архив тега ‘Web Server’
Disable weak ssl ciphers in lighttpd in Linux (перепечатка)
Upgrade apache/httpd to 2.2.17 in CentOS Linux (перепечатка)
This is again short post for people lazy enough to not compile and always looking for some quick way to upgrade/install software. The machine is having CentOS 5.2 and httpd 2.2.8. We are looking to upgrade httpd to 2.2.17 to succeed in PCI compliance. While I assured that current Apache is having all security upgrades [...]
Download, compile, install and configure php 5.3.5 in Linux (перепечатка)
In a CentOS 5.2 Server, there PHP 5.2.4 and due to which PCI complaince test failed. We were in requirement to upgrade PHP to latest stable version. While writing this article, we found 5.3.5 as latest stable release of PHP. Describing here the steps taken to download, install PHP 5.3.5. Step 1. Check existing PHP [...]
Disable ssl ver 2 in apache for pci compliance (перепечатка)
You need to disable SSL ver 2 and enable SSL ver 3 in apache for PCI compliance. Its very easy to do. Following settings will set SSL ver 3 and also disable older/unsecure cipher suite in Redhat/centos/fedora Linux server:
1. Open /etc/httpd/conf.d/ssl.conf and add or if these lines already there, edit them as per follows:
## Disbale [...]
Detect directory or file changes in *nix (перепечатка)
There are various wasys to do this, but this is what I implemented. It is working as expected as of now on my RHEL 5.x boxes. I’ll take my usecase here and describe things.
Plesk web hosting control panel is managing several hundred domains on one of RHEL box. Addition and removal of domains is [...]