When you are retesting on qualys are you clearing the qualys cache?
There is a link to do so (Clear cache).
If your test results are immediately returning then qualys isn't
rescanning. A scan usually takes about a minute or so.
Jim
On 8/26/2021 3:04 PM, Paul Claridge wrote:
Thanks Jim for
Hi Paul
Just try
SSLProtocol TLSv1.3
See how that goes and proceed from there.
John Orendt
john.p.ore...@medtronic.com
-Original Message-
From: Paul Claridge
Sent: Thursday, August 26, 2021 3:05 PM
To: users@httpd.apache.org
Subject: [EXTERNAL] Re: [users@httpd] SSL Cipher
Thanks Jim for response.
I spotted an article suggesting SSLProtocol -all +TLSv1.3, but that
didn't make any difference either.
Could it be the Qualys SSL Labs tool is not resetting? Any other
recommendations for testing cipher strength?
With regards to WAF we are using mod_security and
Hello Frank,
Thank you very much for your feedback!
If I understood your points correctly, the configuration file should look like
this:
ServerName localhost
DocumentRoot /var/www/html/
ServerName [your.domain.com]
RewriteEngine on
RewriteCond %{SERVER_NAME} =[your.domain.com]
RewriteRule ^
On 8/26/2021 6:16 AM, Paul Claridge wrote:
Hi Team,
I am trying to configure recommendations from a pentest with regard to
excluding weak ciphers.
My ssl labs report shows the following:
Protocols
TLS 1.3 Yes
TLS 1.2 Yes
TLS 1.1 No
TLS 1.0 No
SSL 3 No
SSL 2 No
Cipher
Hi Team,
I am trying to configure recommendations from a pentest with regard to
excluding weak ciphers.
My ssl labs report shows the following:
Protocols
TLS 1.3 Yes
TLS 1.2 Yes
TLS 1.1 No
TLS 1.0 No
SSL 3 No
SSL 2 No
Cipher Suites
# TLS 1.3 (suites in server-preferred
