For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Sriram_Shanmuga's avatar
Sriram_Shanmuga
Icon for Altostratus rankAltostratus
Oct 03, 2018
Solved

How to disable weak cipher from Client SSL Profile

Hi, We have disabled few ciphers and we have rating "A" in qualys ssl checker portal. We have a requirement to disable weak ciphers as well.   Could some one advice how to disable weak ciphers. Pl...
ASM Advanced WAF
security
  • Lokesh_R_365525's avatar
    Lokesh_R_365525
    Oct 03, 2018

    By using DEFAULT:@STRENGTH command you can preferred the ciphers to use only Strength.

     

iHugoF's avatar
iHugoF
Icon for Nimbostratus rankNimbostratus
Feb 18, 2022

This worked for me:

ECDHE:!RSA:ECDHE_ECDSA:!SSLV3:!RC4:!EXP:!DES:!3DES:TLSV1_3:!ECDHE-RSA-AES128-CBC-SHA:!ECDHE-RSA-AES256-CBC-SHA:!ECDHE-RSA-AES256-SHA384:!ECDHE-RSA-AES128-SHA256

RockBD's avatar
RockBD
Icon for Altocumulus rankAltocumulus
Oct 25, 2022

Thanks for the full steatment which will help a lot to exclude the Cipher Suites.

My question is if i disable those Cipher Suites that means user can't communicate with that Cipher Suites to my web server. So, isn't that lead to limtating access to the site my disabling those cihper Suites.