[ic] PCI Compliance
Carlc Internet Services
mvu at carlc.com
Thu Jun 17 14:30:01 UTC 2010
> -----Original Message-----
> From: interchange-users-bounces at icdevgroup.org
> From: Ky Hisberg
>
> >
> > It's not so bad. I added the following to my apache2 config to fix
> > some SSL issues:
> >
> > SSLProtocol all -SSLv2
> > SSLCipherSuite
> > ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:-LOW:-SSLv2:-EXP:-eNULL
>
> My ISP is giving me some grieve about this, as this is
> supposedly a special install/configuration. Will/could this
> have any effect on anything but the method that encrypts
> encrypted traffic?
Kyle,
I set this on all of my "CARLC" servers, even the domains not using interchange. If anything, it cranks the protections up
which is what is best for everyone. Most ISPs have 1000+ domains on a server, and setting individual setups are taboo to them.
Shame, as it will take someone hacking them to learn their lesson one day (or in this case, intercepting a communication). After
all, security is one of the important reasons for choosing Interchange!
Carl C.
http://www.carlc.com/
More information about the interchange-users
mailing list