Webmin PCI Compliance

PCI compliance! Just the phrase is enough to ruin one’s day. But fear not, here is some handy info on what I’ve learned.

For Webmin, you should:

  1. Go to Webmin -> Webmin Configuration -> SSL Encryption
  2. Enter this into Allowed SSL Ciphers field: “ALL:!ADH:!LOW:!MEDIUM:!SSLv2:!EXP:+HIGH”
  3. Set SSL protocol version to “3”

You can check from the command line to make sure SSL-2 is not allowed via:

openssl s_client -connect localhost:10000 -ssl2

and you should get a line that has “error” in it to verify.