Severity: Medium
Invicti detected that weak ciphers are enabled during secure communication (SSL).
You should allow only strong ciphers on your web server to protect secure communication with your visitors.
Apache httpd.conf:
SSLCipherSuite HIGH:MEDIUM:!MD5:!RC4
lighttpd:
ssl.honor-cipher-order = "enable"
ssl.cipher-list = "EECDH+AESGCM:EDH+AESGCM"
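To see what the two cipher strings above actually admit, the following added example (not part of the original advisory) expands each with the local OpenSSL through Python's ssl module and lists suites lacking AEAD, forward secrecy or server authentication. The function names and review criteria are this example's own choices, and the result depends on the OpenSSL build it runs against.

```python
import ssl

# Cipher strings copied from the page.
APACHE = "HIGH:MEDIUM:!MD5:!RC4"
LIGHTTPD = "EECDH+AESGCM:EDH+AESGCM"

FS_KEX = {"kx-ecdhe", "kx-dhe"}  # ephemeral key exchange (forward secrecy)


def expand(cipher_string):
    """Return the TLS <= 1.2 suites the local OpenSSL selects for the string."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    ctx.set_ciphers(cipher_string)  # raises ssl.SSLError if nothing matches
    # TLS 1.3 suites are configured separately and are always listed; skip them.
    return [c for c in ctx.get_ciphers() if c["protocol"] != "TLSv1.3"]


def audit(cipher_string):
    """Map suite name -> list of reasons a reviewer would question it."""
    findings = {}
    for c in expand(cipher_string):
        reasons = []
        if not c["aead"]:
            reasons.append("non-AEAD (CBC or stream) encryption")
        if c["kea"] not in FS_KEX:
            reasons.append("no forward secrecy")
        if c["auth"] == "auth-null":
            reasons.append("anonymous, no server authentication")
        if c["strength_bits"] < 128:
            reasons.append("under 128-bit strength")
        if reasons:
            findings[c["name"]] = reasons
    return findings


if __name__ == "__main__":
    for label, s in (("Apache", APACHE), ("lighttpd", LIGHTTPD)):
        suites, flagged = expand(s), audit(s)
        print(f"{label}: {s!r} -> {len(suites)} suites, {len(flagged)} flagged")
        for name, reasons in flagged.items():
            print(f"  {name}: {'; '.join(reasons)}")
```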
Type regedt32 or type regedit, and then click OK.
HKLM\SYSTEM\CurrentControlSet\Control\SecurityProviders
SCHANNEL\Ciphers\DES 56/56
SCHANNEL\Ciphers\RC4 64/128
SCHANNEL\Ciphers\RC4 40/128
SCHANNEL\Ciphers\RC2 56/128
SCHANNEL\Ciphers\RC2 40/128
SCHANNEL\Ciphers\NULL
SCHANNEL\Hashes\MD5