proftpd 'check server security' minor bug fix

Posted: 15 Nov 2009, 05:53
by Shmoopy
I believe I may have fixed a minor bug in the "Check Server Security" script. On my server at least, the "Check proftpd weak SSL/TLS Ciphers" test was giving a false positive. I managed to track down the issue to the regexp on line 645 of servercheck.pm.

Code:

/TLSCipherSuite\s+(.*)$/
on my server, works better as:

Code:

/TLSCipherSuite:\s+(.*)$/
Note the added colon. Without it, the $ciphers var never gets populated, which sets $status to 1, causing the false pos.

(My /var/cpanel/conf/proftpd/main looks like this)

Code:

--- 
MaxInstances: none
TLSCipherSuite: HIGH:MEDIUM:+TLSv1:+SSLv3:-SSLv2
TLSRequired: 'off'
TimeoutIdle: 600
cPanelAnonymousAccessAllowed: 'yes'
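
Added example (not part of the original post and not code from servercheck.pm): the two regexes from the post run against the quoted config layout and against plain proftpd.conf directive syntax, which has no colon, plus a pattern that accepts both. The helper `find_ciphers`, the `$tolerant` pattern and the sample strings are constructed for illustration; which file the script actually reads on a given server is an assumption.

```perl
#!/usr/bin/perl
# Added example, not code from servercheck.pm.
use strict;
use warnings;

# Constructed sample inputs: the cPanel YAML-style layout quoted in the post,
# the same directive in plain proftpd.conf syntax, and a file without it.
my $yaml_style = <<'EOF';
---
MaxInstances: none
TLSCipherSuite: HIGH:MEDIUM:+TLSv1:+SSLv3:-SSLv2
TLSRequired: 'off'
EOF
my $conf_style   = "TLSCipherSuite HIGH:MEDIUM:+TLSv1:+SSLv3:-SSLv2\n";
my $no_directive = "MaxInstances: none\n";

# Hypothetical helper: returns the cipher string, or undef when the directive
# is not found, so a caller can tell "not parsed" apart from "parsed but weak".
sub find_ciphers {
    my ($text, $re) = @_;
    for my $line (split /\n/, $text) {
        return $1 if $line =~ $re;
    }
    return;
}

my $original = qr/TLSCipherSuite\s+(.*)$/;            # regex quoted in the post
my $patched  = qr/TLSCipherSuite:\s+(.*)$/;           # fix proposed in the post
my $tolerant = qr/^\s*TLSCipherSuite:?\s+(.*?)\s*$/;  # assumption: accept both layouts

my @inputs  = (['yaml', $yaml_style], ['conf', $conf_style], ['none', $no_directive]);
my @regexes = (['original', $original], ['patched', $patched], ['tolerant', $tolerant]);

for my $input (@inputs) {
    for my $regex (@regexes) {
        my $ciphers = find_ciphers($input->[1], $regex->[1]);
        printf "%-5s %-9s %s\n", $input->[0], $regex->[0],
            defined $ciphers ? "'$ciphers'" : 'no match';
    }
}
```

The original pattern misses the colon layout and the patched pattern misses the plain directive layout, so either one alone leaves the cipher variable empty on one kind of file; the optional-colon pattern populates it on both and still returns nothing when the directive is absent.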

Posted: 16 Nov 2009, 17:12
by chirpy
Thanks, I'll check it out.