Here’s a great article on the SWEET32 vulnerability and how to mitigate:
If you have a Plesk server then you’ll need adjust the panel ciphers by editing:
|
1 |
/etc/sw-cp-server/conf.d/ssl.conf |
and change the contents to:
|
1 2 3 |
ssl_prefer_server_ciphers On; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_ciphers ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:RSA+AESGCM:RSA+AES:!aNULL:!MD5:!DSS; |
The restart the panel:
|
1 |
service sw-cp-server restart |