AnsweredAssumed Answered

Beast vulnerability Configuration

Question asked by Sarun Raj on Mar 29, 2015
Latest reply on Mar 29, 2015 by Sarun Raj

I fellow members I need your help solving the issue that I am having regarding beast vulnerability


Recently scan to a website  failed due to following reason.


Summary: Server is susceptible to Beast attack Server accepted TLS 1.0 CBC cipher: TLS_RSA_with_3DSE_EDE_CBC_SHA


After doing some research I found I need to add these line to configuration file


SSLHonorCipherOrder On




My problem is, which configuration file should I add these lines? Is it inside httpd.conf or inside mode_ssl or  I am just moving wrong way? Can anyone clarify please me.


Thanks in advance.