Web Design. Web Development. Web Hosting.
0 items
Home » Knowledge Base » Getting an A+ rating on the Qualys SSL Test on all cPanel Domains

Getting an A+ rating on the Qualys SSL Test on all cPanel Domains

Posted on - Posted by Dean Williams
Table of contents show
Need some help? We are here for you!

We have a very friendly service - Come and chat to us and let us know what you need, we work for an hourly fee and can also provide you a no obligation quote and begin work immediately in most cases. Click "Request Support" or use our Live Chat.

Request support

Security is very on both sides of the table when it comes to websites and servers, for one it’s good for you as the server administrator as you and your clients are less likely to be compromised in any fashion, and of course it is something to boast about. This is also true for the client, however sometimes its even more important for the client if they are audited or require to be PCI complaint.

At WebDesires our servers come with full A+ Rating for SSL security through Qualys SSLLabs, and we thought we would make an article on how you as a server administrator can get your WHM cPanel server SSLLabs A+ Rated too.

 

Step 1:

In WHM go to: Home -> Service Configuration -> Apache Configuration -> Global Configuration

Make the following changes to the options:

SSL Cipher Suite:

ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL!eNULL:!EXPORT:!CAMELLIA:!DES:!MD5:!PSK:!RC4

SSL/TLS Protocols (Use best if you can but windows XP and IE6 will not be able to connect.):
(Best) All -SSLv2 -SSLv3 -TLSv1
(Compatibility) All -SSLv2 -SSLv3

LogLevel:
Warn

Trace Enable:
Off

Server Signature:
Off

Server Tokens:
Product Only

File ETag:
None

Make sure you click “save” then click “rebuild Configuration and Restart Apache”.

 

Step 2:

In WHM go to: Home -> Service Configuration -> Apache Configuration -> Include Editor

Under “Pre Main Include” select “All Versions” and an editor will appear.

Enter these 2 lines below:

Header always set Strict-Transport-Security "max-age=31536000; includeSubdomains;"
SSLHonorCipherOrder on

 

Finally click “update” and then click “Restart Apache”.

 

Step 3:

You should now have A+ Rating on Qualys SSLLabs.

Here is ours:

https://www.ssllabs.com/ssltest/analyze.html?d=server1.wdnode.com

 

0 0 votes
Article Rating
Need some help? We are here for you!

We have a very friendly service - Come and chat to us and let us know what you need, we work for an hourly fee and can also provide you a no obligation quote and begin work immediately in most cases. Click "Request Support" or use our Live Chat.

Request support
Author: Dean WilliamsProfessional PHP Web Developer with expertise in OpenCart Web Development, WordPress Web Development, Bespoke Systems - also a seasoned Linux Server Administrator.
T: Twitter F: Facebook F: Linkedin

Subscribe
Notify of
0 Comments
Inline Feedbacks
View all comments

Recent Articles


Share this page..

Rated 5 out of 5 stars based on 19 customer reviews.

Let's begin your journey...

Get in touch us now to begin your journey to having a beautifully crafted mobile responsive website. If you're still unsure what we could do for you then take a look at our why us page which includes reviews, or take a look at our portfolio.

We can work on improving existing websites or craft a new stylish website making your business stand out.

You could always catch us by email, telephone, Skype or live chat to us below.


    Contact

    WebDesires
    18 Uxbridge Street,
    Hednesford
    Staffordshire
    WS12 1DB
    United Kingdom

    WebDesires

    Services

    Authorize.Net Certified Developer
    Authorize.Net Authorized UK Reseller
    Authorize.Net Authorized USA Reseller
    Cannock UK:
    01543 547 899
    Birmingham UK:
    0121 318 6336
    International:
    +44 121 318 6336
    Skype:
    WebDesires
    E-Mail:
    support@webdesires.co.uk
    Secure Payments By PayPal, Stripe & Bank Transfer Accepted
    Copyright © 2024 WebDesires.

    WebDesires is a trade name for a registered partnership in Cannock, Staffordshire, United Kingdom owned by Dean Williams and Josh Burley. Any services offered on this website are provided on a first-come first-serve basis, we cannot guarantee services will be available for sale at any given time. Pricing is provided depending on requirements, project size and project length. Sensitive data provided to us during communication is kept as secure as reasonably possible, and we secure any data we retain in a securely encrypted database. Any sensitive information provided to us will always be treated distreetly and confidential.

    0
    Would love your thoughts, please comment.x
    ()
    x