Plesk & SocialBee have teamed up. Save 30% now!

Get the Deal

Knowledge Base

CVE-2015-4000 LOGJAM TLS DH vulnerability on Plesk server

 
cryptographylinuxmicrosoftnetworkplesk for linux

Situation

CVE-2015-4000 LOGJAM TLS DH vulnerability on Plesk server

Impact

The Logjam attack allows a man-in-the-middle attacker to downgrade vulnerable TLS connections to 512-bit export-grade cryptography. This allows the attacker to read and modify any data passed over the connection. 

Call to Action

Click on a section to expand

Plesk for Linux

  1. Connect to server over SSH.

  2. Run the following command to increase Diffie-Hellman key size to 4096 bit:

    # plesk sbin sslmng -vvv --strong-dh --dhparams-size=4096

    Note: To change the setting for a particular service, option --services=service_name should be used.

Plesk for Windows

    1. Connect to server over RDP.
    2. Open the Group Policy Object Editor: type
      gpedit.msc
       in the Start > Run dialogue window:
      gp1.PNG

    3. Expand Computer Configuration > Administrative Templates > Network > SSL Configuration Settings and open the SSL Cipher Suite Order setting:gp2.PNG
    4. Set up a strong cipher suite order. See this list of Microsoft's supported ciphers and Mozilla's TLS configuration instructions:
      gp3.PNG
Read the full article
Related Posts
Knowledge Base

Hosting Wiki

Industry
Partners

industry-partner_ALIBABA
industry-partner_GOOGLEPARTNER
industry-partner_MICROSOFT
industry-partner_REDHAT-r2
industry-partner_ALIBABA
industry-partner_AUTOMATTIC
industry-partner_AWS
industry-partner_DIGITALOCEAN
industry-partner_SCALEWAY
Follow us:
Facebook Twitter Linkedin Youtube Github

© 2024 WebPros International GmbH. All rights reserved. Plesk and the Plesk logo are trademarks of WebPros International GmbH.

Managed with love with Plesk WP Toolkit