Article ID: 1763, created on Mar 27, 2007, last review on Jun 17, 2016

  • Applies to:
  • Plesk for Linux/Unix


The warning is shown in security report:

The remote service encrypts traffic using a protocol with known weaknesses. Description : The remote service accepts connections encrypted using SSL 2.0, which reportedly suffers from several cryptographic flaws and has been deprecated for several years. An attacker may be able to exploit these issues to conduct man-in-the-middle attacks or decrypt communications between the affected service and clients.


SSL protocols that are used by Apache can be set by means of "SSLProtocol" option.. To disable SSL 2.0 or SSL 3.0 protocol you should modify the /etc/httpd/conf.d/ssl.conf or httpd.conf, adding the line:

SSLProtocol all -SSLv2 -SSLv3

Restart Apache after configuration files modification.


Additional information about mod_ssl can be found here.

Note: Real path to Apache or SSL configuration files can be different depending on operation system installed. For more information about apache web server related paths please refer to KB5440 article.

Search Words


ssl 3.0


disable ssl

ssl 2.0

29d1e90fd304f01e6420fbe60f66f838 a914db3fdc7a53ddcfd1b2db8f5a1b9c 56797cefb1efc9130f7c48a7d1db0f0c

Email subscription for changes to this article
Save as PDF