Skip to content
← CMS PaaS (Content Management System)

Welcome! 👋

CMS PaaS (Content Management System): Compliance & Security

Categories

JUMP TO ANOTHER FORUM

(thinking…)

Use more secure ciphers by default

When performing a security check for a DXP site on internet.nl the result is that "Your web server does not prefer 'Good' over 'Sufficient' over 'Phase out' ciphers" and "Your web server supports one or more ciphers that have a phase out status, because they are known to be fragile and are at risk of becoming insufficiently secure.".

I suggest that more secure ciphers should be used on all DXP sites by default. The more secure ciphers are referred to as "Modern", "Compatible", and "Legacy" in the cloudflare documentation. https://developers.cloudflare.com/ssl/edge-certificates/additional-options/cipher-suites/recommendations/

3 votes
Wilhelm Walberg Schive shared this idea  ·   ·  Report…  ·  Admin →
How important is this to you?

We're glad you're here

Please sign in to leave feedback
Signed in as (Sign out)
Close
Submitting...
An error occurred while saving the comment
  • Patrik Brännström commented  ·   ·  Report

    It is possible to get the ciphers changed if you mail or raise a ticket with support where you specify what project or possible what domain name you would like us to improve the ciphers on. However, there is no public setting at the paasportal to adjust this from your end, yet.