Check out the LimeSurvey source code on GitHub!

How do I disable SSLv2 and weak ciphers

More
3 years 11 months ago #93124 by myaeger
I am new to an organization that has Lime Survey. A recent vulnerability scan identified that the server running Lime Survey allows SSLv2 and weak ciphers to it. I know how to turn these off in IIS, but I have no idea how to do it with Lime Survey. There doesn't seem to be an option in the admin tool, and I can't seem to find the Apache command line. Can someone please point me in the right direction? I need to get this closed ASAP.

Please Log in to join the conversation.

More
3 years 11 months ago #93129 by holch
This should have nothing to do with Limesurvey, but with the underlying webserver.

So you need to check what webserver Limesurvey is running on. Probably Apache.

www.sslshopper.com/article-how-to-disabl...l-2.0-in-apache.html

I'm not a LimeSurvey GmbH member. I answer at the LimeSurvey forum in my spare time. No support via private message.
Some helpful links: Manual (EN) | Question Types | Workarounds

Please Log in to join the conversation.

Imprint                   Privacy policy         General Terms & Conditions         Revocation information and revocation form