SSH Diffie-Hellman Modulus <= 1024 Bits (Logjam)
Hey guys,
One of the sites hosted on WHM failed PCI.
[QUOTE]
THREAT:
The remote host allows SSH connections with one or more Diffie-Hellman moduli less than or equal to 1024 bits.
I read good few topics about it and I understand the problem but I don't know how to fix it. Can someone explain step by step what I need to do to fix this vulnerability? [QUOTE]Hello, Here's a response from one of our technical analysts on a recent support ticket regarding this vulnerability: I would recommend, at a minimum, upgrading to Apache 2.4. It appears that by default, Apache 2.4.7 and above do not serve Diffie-Hellman parameters smaller than 2048 bits:
I read good few topics about it and I understand the problem but I don't know how to fix it. Can someone explain step by step what I need to do to fix this vulnerability? [QUOTE]Hello, Here's a response from one of our technical analysts on a recent support ticket regarding this vulnerability: I would recommend, at a minimum, upgrading to Apache 2.4. It appears that by default, Apache 2.4.7 and above do not serve Diffie-Hellman parameters smaller than 2048 bits:
-
From that response it looks like all you'd need to do is update apache, what version of apache are you running right now? You can run the following to find that out: httpd -v0 -
Hi Lauren, Here is what I got: Apache/2.4.39 (cPanel) Apr 23 2019 08:30:40 0 -
Hi @Damian2Cubed That appears to be a recently updated version, if you're still having the same issue can you please open a ticket using the link in my signature? Once open please reply with the Ticket ID here so that we can update this thread with the resolution once the ticket is resolved. Thanks! 0
Please sign in to leave a comment.
Comments
3 comments