Getting an A+ rating on the Qualys SSL Test on all cPanel Domains

Security is a basic requirement of the server. We will use SSLLabs, a testing project of Qualys, a company that provides strategic security solutions. In this post, we will see how to use their A+ indicator which is the industry high standard in SSL security and try to meet its requirements. The SSLLabs checker covers two substantial parts of the investigation: Authentication, which reflects details about installed SSL certificate and additional certificates provided by a server, and Configuration, which shows server settings for secure negotiation used in client-server interaction.

This blog will cover the steps to get your A+ rating on Qualys without affecting the web-server configuration.

STEP 1 :

Go to WHM >> Home -> Service Configuration -> Apache Configuration -> Global Configuration

Change the default cipher suite to the following by selecting the custom entry for cipher suits:

SSL step

  • SSL/TLS protocols are OK to keep set as default.
  • Server Tokens are also set to “Product Only” to avoid leaking information about the server OS.
  • Turn Trace Enable off per PCI recommendations and standards
  • SSL-Test-on-all-cPanel-Domains

  • Click Save. Apache will now favor stronger protocols before others.
  • Now time to set forward secrecy with a long date in advance.

Free Web hosting Support

Get help now from our team of security experts. You can try them free with a test task and you wouldn’t be disappointed.

Avail Free Trial

STEP 2 :

Go to WHM >> Home -> Service Configuration -> Apache Configuration -> Include Editor
Then jump to Pre Main Include

appache-configuration

Next, paste the following into the “Global” area:

SSL-step-2

Click ‘Update’ and Restart the Apache process

restart-appache

Alternatively, we can manually add this on the below configuration path,
/usr/local/apache/conf/includes/pre_main_global.conf

After saving the the file restart the service by using the below command,

step-2a

This will rebuild the Apache configuration as would be done from WHM and restart Apache as well.

Free Server Audit

Contact our team today and get a free security audit done by our team of server management experts.

Get Free Security Audit

STEP 3 :

Now test your website at Qualys SSL Labs to see the score you get, if you’ve followed instructions properly, you should have an A+

ssl-report

Now A+ SSL settings applied on all domains on the cPanel server that have certificates installed. By using the global pre-main includes and modifying the server wide ciphers for Apache, every domain using SSL will enjoy the same security.

Read our new exciting blog : 6 Live Chat Applications You Can Implement Right Now

Check Our Server Management Plans