Overview
-
To fully address this issue, you must understand SSLCipherSuite entries and their values. For more information, read Apache’s mod_ssl documentation.
-
The system transmits insecure cookies when a previous set of cookies expire. Insecure cookies replace any invalid cookies and help ensure that a cPanel & WHM login does not result in a redirect loop. For PCI compliance, the system reports this as a false positive because the system requires a secure SSL connection.
PCI compliance scans of port 443
may fail after you have configured the SSLCipherSuite directive in the Global Configuration section of WHM’s Apache Configuration interface (WHM >> Home >> Service Configuration >> Apache Configuration). To troubleshoot this issue, check for other SSLCipherSuite entries in your httpd.conf
file.
-
For more information, read our PCI Compliance and Software Versions documentation.
-
If these steps fail to resolve the issue, open a ticket with our support team.
Troubleshoot scans of port 443
Remove the SSLCipherSuite entries.
Remove the existing SSLCipherSuite entries from the httpd.conf
file and users’ SSL data files. You can do this in the Global Configuration section of WHM’s Apache Configuration interface (WHM >> Home >> Service Configuration >> Apache Configuration).
Rebuild the httpd.conf
file.
After you edit the httpd.conf
file, you must rebuild it. To do this, run the /usr/local/cpanel/scripts/rebuildhttpconf
script.
Restart Apache and retry the scan.
To restart Apache, run the /usr/local/cpanel/scripts/restartsrv_httpd
script. Then, retry the port 443
scan.