How do I disable SSLv2 and weak ciphers

More
4 years 7 months ago #93124 by myaeger
myaeger created the topic: How do I disable SSLv2 and weak ciphers
I am new to an organization that has Lime Survey. A recent vulnerability scan identified that the server running Lime Survey allows SSLv2 and weak ciphers to it. I know how to turn these off in IIS, but I have no idea how to do it with Lime Survey. There doesn't seem to be an option in the admin tool, and I can't seem to find the Apache command line. Can someone please point me in the right direction? I need to get this closed ASAP.

Please Log in to join the conversation.

More
4 years 7 months ago #93129 by holch
holch replied the topic: How do I disable SSLv2 and weak ciphers
This should have nothing to do with Limesurvey, but with the underlying webserver.

So you need to check what webserver Limesurvey is running on. Probably Apache.

www.sslshopper.com/article-how-to-disabl...l-2.0-in-apache.html

I'm not a LimeSurvey GmbH member. I answer at the LimeSurvey forum in my spare time. No support via private message.
Some helpful links: Manual (EN) | Question Types | Workarounds

Please Log in to join the conversation.

Start now!

Just create your account and start using Limesurvey today.

Register now