[TUTORIAL] Block SSL BEAST vulnerability

surikan12
Pro Member
Posts: 127
Joined: Fri Apr 18, 2014 2:16 am

Postby surikan12 » Fri May 09, 2014 8:48 am

Block SSL BEAST vulnerability

What is a BEAST vulnerability?
It's a smarmy error that can decrypt and steal your website info even if you have SSL.
MITM hackers will gobble up your website info and admin ID/PW then break up your site.
This happened with a wee webhosting company named pandahost. The hackers sneaked into their admin account and changed the webpage.
Look at the image below. Only enter if you are of legal age in your country.
https://i.imgur.com/HUQZ5mq.png

Luckily for them they did change it. Now they look like this:
http://pandahost.co.uk/

No, this is not a sick joke. I make a living out of correcting and finding bugs out of these things and I won't lie about them.

Anyway. The point is BEAST vulnerability gives webmasters hell. Just like the OpenSSL Heartbleed error.

This tutorial is for Nginx too. Apache tutorial will follow.

Go to

ssl_ciphers


change it to

ssl_ciphers ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS;


BEAST vulnerability is only for RC4 encryption. Well, another solution is to put RC4 in priority, but I don't trust RC4 so I'm just gonna stick to the code I gave above.

NGINX IS THE BEST
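
An added example, not part of the original post: a small Python check that pulls the active ssl_ciphers value out of an Nginx config and lists which weak or legacy keywords (RC4, 3DES, MD5, NULL, export) it still enables, alongside its `!` exclusions. The sample config, the WEAK set and the function names are assumptions made for illustration.

```python
import re

# Cipher string from the post, placed in a constructed nginx config.
POST_CIPHERS = ("ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:"
                "ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS")
SAMPLE_CONF = f"""
server {{
    listen 443 ssl;
    # ssl_ciphers RC4:HIGH;    <- commented-out directive, must be ignored
    ssl_ciphers {POST_CIPHERS};
}}
"""

# OpenSSL cipher-string keywords treated as weak or legacy by this check
# (an assumption of this example, not a list taken from the post).
WEAK = {"RC4", "DES", "3DES", "MD5", "NULL", "aNULL", "eNULL", "EXPORT", "EXP"}


def find_ssl_ciphers(conf_text):
    """Return the value of every active (uncommented) ssl_ciphers directive."""
    # Assumption: '#' only starts comments (no '#' inside quoted values).
    active = "\n".join(line.split("#", 1)[0] for line in conf_text.splitlines())
    return [v.strip().strip("\"'")
            for v in re.findall(r"\bssl_ciphers\s+([^;]+);", active)]


def audit(cipher_string):
    """Report weak tokens that are still enabled, and the '!' exclusions."""
    tokens = [t for t in re.split(r"[:, ]+", cipher_string.strip()) if t]
    # '!' removes matching suites permanently, wherever it sits in the string.
    excluded = {t[1:] for t in tokens if t.startswith("!")}
    enabled_weak = []
    for tok in tokens:
        if tok[0] in "!-+":  # exclusions and reordering never add suites
            continue
        # 'A+B' selects suites matching both A and B; explicit suite names
        # such as RC4-SHA are split on '-' so their parts are checked too.
        parts = set(re.split(r"[+-]", tok))
        if parts & WEAK and not parts & excluded:
            enabled_weak.append(tok)
    return {"enabled_weak": enabled_weak, "excluded": excluded}


if __name__ == "__main__":
    for value in find_ssl_ciphers(SAMPLE_CONF):
        print(audit(value))
```

For the string in the post, the check reports no RC4 token, the three 3DES entries as the remaining legacy ciphers, and aNULL, MD5 and DSS as excluded.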

surikan12
Pro Member
Posts: 127
Joined: Fri Apr 18, 2014 2:16 am

Re: [TUTORIAL] Block SSL BEAST vulnerability

Postby surikan12 » Mon May 12, 2014 2:57 pm

this is kinda important too u know
viewtopic.php?f=43&t=27616

OCSP stapling will get ur website blazing fast

