Forum Discussion
Ashwin_Venkat
Dec 14, 2017Employee
That result from Qualys is pointing to the fact that you have anonymous cipher suites enabled, and with cipher string you're using, that is due to ADH being enabled.
You can disable it by appending ':!ADH' to your existing cipher string and I'd go one step further to also disable other weaker ones like RC4, DE & 3DES. Therefore, the following cipher string disables all those weaker ones:
TLSv1_2:!ADH:!DES:!3DES:!RC4
Please let me know if you have any questions.