KNOWLEDGE BASE
Log In    |    Knowledge Base    |    4D Home
Tech Tip: Disabling SSLv2 when using Apache as a front-end for PCI Compliance
PRODUCT: 4D | VERSION: 11.4 | PLATFORM: Mac & Win
Published On: October 22, 2009
Your current browser may not allow you to download the asset. We recommend Mozilla Firefox or Google Chrome.
Log In

When using Apache Web Server as a front-end / reverse proxy to 4D (such as described in Tech Note #75920) you can also use Apache to force a certain level of SSL as required by the Payment Card Industry (PCI).

The following code can be used to turn off SSLv2:

# enable SSLv3 and TLSv1, but not SSLv2
SSLProtocol all -SSLv2


Apache's default SSLv.2 setting can be changed with the following code:

SSLCipherSuite HIGH:+MEDIUM:!SSLv2:!EXP:!ADH:!aNULL:!eNULL:!NULL


For more information: https://httpd.apache.org/docs/2.0/mod/mod_ssl.html

To check your server go to: https://www.serversniff.net/content.php?do=ssl

See Also: