Version 76 Documentation
Child pages
  • cPanel Web Services Configuration
For cPanel & WHM version 76
Skip to end of metadata
Go to start of metadata

(WHM >> Home  >> Service Configuration >> cPanel Web Services Configuration)

Overview

The system uses cipher suites to negotiate security settings for network connections over TLS/SSL. This interface allows you to edit the TLS/SSL Cipher List and TLS/SSL Protocol list for cPanel, WHM, and Webmail.

Warning:

As of cPanel & WHM version 68, we only support Transport Layer Security (TLS) protocol version 1.2

  • We will only support applications that use TLSv1.2.
  • We strongly recommend that you enable TLSv1.2 on your server. 

Important:

We recommend that only advanced users edit the cipher and protocol lists.

Defaults

By default, cPanel & WHM uses the following cipher list for web services:

 Click to view...
ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256

By default, cPanel & WHM uses the following protocol list for web services:

 Click to view...
SSLv23:!SSLv2:!SSLv3

Edit the cipher list

To edit the cipher list, enter the appropriate cipher in the text box and click Save.

Notes:

  • The default cipher list is PCI compliant. To edit the cipher list to improve the security level on your server, read Apache's SSLCipherSuite Directive documentation.
  • We do not recommend that you edit the cipher list to lower the security level. Make certain that the cipher suite uses at least 128-bit encryption.

Edit the protocol list

To edit the protocol list, enter the appropriate protocol list in the text box and click Save.

Additional documentation

cPanel, WebHost Manager, and WHM are registered trademarks of cPanel, Inc. for providing its computer software that facilitates the management and configuration of Internet web servers. ®2018 All rights reserved.