Article ID: 120083, created on Feb 12, 2014, last review on Apr 2, 2016

  • Applies to:
  • Plesk 12.0 for Linux
  • Plesk 11.0 for Linux
  • Plesk 11.5 for Linux
  • Plesk 12.0 for Windows


Server should meet the following PCI compliance requirements:

  • Configure SSL/TLS servers to only use TLS 1.1 or TLS 1.2 if supported.
  • Configure SSL/TLS servers to only support cipher suites that do not use block ciphers.

However, these protocols are not supported by Plesk by default.


PCI compliance requires that you enable the 'TLS v1.1' and 'TLS v1.2' protocols, but they are supported by 'Apache' webserver starting from version '2.2.23'. This particular version of Apache is not included in the default base Linux distributives.


  1. Make sure that all system packages are up to date and the latest Plesk microupdate has installed

  2. Follow instructions provided in the article #125741 [Plesk] CVE-2015-4000 LOGJAM TLS DH vulnerability".

Search Words

PCI Compliance setup


weak ssl

SSL 3.0に関する脆弱性について(POODLE)

The server does not support Forward Secrecy with the reference browsers

Configure SSL/TLS servers

tls 1.1

tls 1.2

Lack of ECDHE support in Plesk nginx package

cbc cipher

PCI compliance

SSL ciphers mail/apache

do not use block ciphers


Configure SSL/TLS servers to only use TLS

Disabling weak ssl ciphers plesk 11

a914db3fdc7a53ddcfd1b2db8f5a1b9c 56797cefb1efc9130f7c48a7d1db0f0c aea4cd7bfd353ad7a1341a257ad4724a 29d1e90fd304f01e6420fbe60f66f838 0a53c5a9ca65a74d37ef5c5eaeb55d7f 01bc4c8cf5b7f01f815a7ada004154a2 2a5151f57629129e26ff206d171fbb5f e335d9adf7edffca6a8af8039031a4c7 ed7be2b984f9c27de1d2dc349dc19c6d 85a92ca67f2200d36506862eaa6ed6b8 a766cea0c28e23e978fa78ef81918ab8

Email subscription for changes to this article
Save as PDF