All HowTo's Cybersecurity Linux Redhat, Fedora and CentOS Linux Web Servers

Securing Apache SSL on CentOS 7

This howto describes how to keep an Apache server up to date with SSL security. Test your own server at:

Run the above SSL scan first and then, if you score less than an “A”, continue on to make these changes.

Edit the following in your “/etc/httpd/conf.d/ssl.conf”:

SSLProtocol +TLSv1.2 +TLSv1.1 +TLSv1
SSLCompression off
SSLHonorCipherOrder on

Update the Apache and OpenSSL software on the server:

yum update httpd openssl

And restart Apache:

systemctl restart httpd

Now run the scan again and see if you score an “A”. If not, take the scan result recommendations into account.

Here are some samples of a “C” score compared to an “A” score.



Leave a Reply

Your email address will not be published. Required fields are marked *