Lets Encrypt Folks,
I am completely new to SSLCiphers and protocols. Just read about them and I am a little bit lost.
I got a WHM setup, Pound (Load Balancer) to have SSL in front of Varnish cache to Apache.
Installed LetsEncrypt from this Cpanel Guide:
I got a few rookie questions.
I ran a SSL Labs (Got a C) scan and I have problems with:
-This server is vulnerable to the POODLE attack. If possible, disable SSL 3 to mitigate
-This server supports weak Diffie-Hellman (DH) key exchange parameters.
-This server accepts RC4 cipher, but only with older protocol versions.
-The server does not support Forward Secrecy with the reference browsers
Meaning that my SSLCiphers need tweaking and I am assuming my server.
My goal is to improve my SSL and I need some advice so I got a few questions:
1)Which SSLCiphers would be the most cross browser compatible and not mess up WHM?
2)If I do make the SSLCiphers change do I have to reissue new SSL Certs?
3)Do I also change LetsEncrypt Ciphers in the config file?
4)Anyone have a WHM Guide that is current, the ones online have differences and I don’t want to mess things up…
Thanks for your time,