Disable SSL TLS

https://cryptoreport.geotrust.com/checker/ http://kb.odin.com/en/123160 Plesk 11.5 and later

Edit /etc/sw-cp-server/config'. In the http section Add: ssl_protocols TLSv1 TLSv1.1 TLSv1.2;

Restart:

sudo service sw-cp-server restart

Apache HTTPD Server

If you are running Apache, change your Apache configuration file (listed below are the default locations):

RedHat/CentOS /etc/httpd/conf.d/ssl.conf Debian/Ubuntu /etc/apache2/mods-available/ssl.conf SuSE /etc/apache2/ssl-global.conf Include or change the following line in your Apache configuration file among the other SSL directives: SSLProtocol All -SSLv2 -SSLv3

Run the following command to change the SSL settings in PCI Compliance template.

# mkdir -p /usr/local/psa/admin/conf/templates/custom/ 
# mkdir -p /usr/local/psa/admin/conf/templates/custom/server/ 
# cp /usr/local/psa/admin/conf/templates/pci_compliance/server        /PCI_compliance.php /usr/local/psa/admin/conf/templates/custom/server/ 
# sed -i 's/SSLProtocol -ALL +SSLv3 +TLSv1/SSLProtocol All -SSLv2 -SSLv3/g' /usr/local/psa/admin/conf/templates/custom/server/PCI_compliance.php

Then restart the Apache webserver:

/usr/local/psa/admin/bin/websrvmng --restart

For all sites in Plesk 12.0 for Linux:

# mysqldump -uadmin -p`cat /etc/psa/.psa.shadow` psa > psa_backup.sql
# mysql -uadmin -p`cat /etc/psa/.psa.shadow` psa
mysql> insert into misc values('disablesslv3', 'true');

Then, reconfigure Apache and Nginx:

# /usr/local/psa/admin/bin/httpdmng --reconfigure-all

Edit nginx # server.conf Ssl_protocols TLSv1.0 TLSv1.1 TLSv1.2; (remove what is not required)

Service nginx restart
Service php-fpm restart