{"id":358,"date":"2021-07-23T12:28:25","date_gmt":"2021-07-23T12:28:25","guid":{"rendered":"https:\/\/ssdsunucum.com\/blog\/how-to-troubleshoot-pci-compliance-scans\/"},"modified":"2021-07-23T12:28:25","modified_gmt":"2021-07-23T12:28:25","slug":"how-to-troubleshoot-pci-compliance-scans","status":"publish","type":"post","link":"https:\/\/ssdsunucum.com\/blog\/how-to-troubleshoot-pci-compliance-scans\/","title":{"rendered":"How to Troubleshoot PCI Compliance Scans"},"content":{"rendered":"<\/p>\n<div class=\"col-md-9\">\n<div class=\"flex-column flex-md-row article-header\"><\/div>\n<hr>\n<h2 id=\"overview\">Overview<\/h2>\n<div class=\"callout callout-warning\">\n<div class=\"callout-heading\">Important:<\/div>\n<div class=\"callout-content\">\n<ul>\n<li>\n<p>To fully address this issue, you <strong>must<\/strong> understand SSLCipherSuite entries and their values. For more information, read Apache\u2019s mod_ssl documentation.<\/p>\n<\/li>\n<li>\n<p>The system transmits insecure cookies when a previous set of cookies expire. Insecure cookies replace any invalid cookies and help ensure that a cPanel &#038; WHM login does not result in a redirect loop. For PCI compliance, the system reports this as a false positive because the system requires a secure SSL connection.<\/p>\n<\/li>\n<\/ul><\/div>\n<\/div>\n<p>PCI compliance scans of port <code>443<\/code> may fail after you have configured the SSLCipherSuite directive in the Global Configuration section of WHM\u2019s <em>Apache Configuration<\/em> interface (<em>WHM &gt;&gt; Home &gt;&gt; Service Configuration &gt;&gt; Apache Configuration<\/em>). To troubleshoot this issue, check for other SSLCipherSuite entries in your <code>httpd.conf<\/code> file.<\/p>\n<div class=\"callout callout-info\">\n<div class=\"callout-heading\">Note:<\/div>\n<div class=\"callout-content\">\n<ul>\n<li>\n<p>For more information, read our PCI Compliance and Software Versions documentation.<\/p>\n<\/li>\n<li>\n<p>If these steps fail to resolve the issue, open a ticket with our support team.<\/p>\n<\/li>\n<\/ul><\/div>\n<\/div>\n<h2 id=\"troubleshoot-scans-of-port-443\">Troubleshoot scans of port 443<\/h2>\n<h3 id=\"remove-the-sslciphersuite-entries\">Remove the SSLCipherSuite entries.<\/h3>\n<p>Remove the existing SSLCipherSuite entries from the <code>httpd.conf<\/code> file and users\u2019 SSL data files. You can do this in the <em>Global Configuration<\/em> section of WHM\u2019s <em>Apache Configuration<\/em> interface (<em>WHM &gt;&gt; Home &gt;&gt; Service Configuration &gt;&gt; Apache Configuration<\/em>).<\/p>\n<h3 id=\"rebuild-the-httpd-conf-file\">Rebuild the <code>httpd.conf<\/code> file.<\/h3>\n<p>After you edit the <code>httpd.conf<\/code> file, you <strong>must<\/strong> rebuild it. To do this, run the <code>\/usr\/local\/cpanel\/scripts\/rebuildhttpconf<\/code> script.<\/p>\n<h3 id=\"restart-apache-and-retry-the-scan\">Restart Apache and retry the scan.<\/h3>\n<p>To restart Apache, run the <code>\/usr\/local\/cpanel\/scripts\/restartsrv_httpd<\/code> script. Then, retry the port <code>443<\/code> scan.<\/p>\n<\/p><\/div>\n","protected":false},"excerpt":{"rendered":"<p>Overview Important: To fully address this issue, you must understand SSLCipherSuite entries and their values. For more information, read Apache\u2019s mod_ssl documentation. The system transmits insecure cookies when a previous set of cookies expire. Insecure cookies replace any invalid cookies and help ensure that a cPanel &#038; WHM login does not result in a redirect &hellip;<\/p>\n","protected":false},"author":1,"featured_media":359,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[1],"tags":[],"amp_enabled":true,"_links":{"self":[{"href":"https:\/\/ssdsunucum.com\/blog\/wp-json\/wp\/v2\/posts\/358"}],"collection":[{"href":"https:\/\/ssdsunucum.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ssdsunucum.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ssdsunucum.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/ssdsunucum.com\/blog\/wp-json\/wp\/v2\/comments?post=358"}],"version-history":[{"count":0,"href":"https:\/\/ssdsunucum.com\/blog\/wp-json\/wp\/v2\/posts\/358\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/ssdsunucum.com\/blog\/wp-json\/wp\/v2\/media\/359"}],"wp:attachment":[{"href":"https:\/\/ssdsunucum.com\/blog\/wp-json\/wp\/v2\/media?parent=358"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/ssdsunucum.com\/blog\/wp-json\/wp\/v2\/categories?post=358"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/ssdsunucum.com\/blog\/wp-json\/wp\/v2\/tags?post=358"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}