PCI Settings

A new addition on 5/29/17,  you can now control certain SSL settings in Mojo Host Manager.  This section has been available to internal support for some time and was released for customer usage.  PCI scans often flag the default protocols which are legacy but some customers still require the older ones. But with the upcoming changes in the next year at many of the major payment processors (Authorize.net/Paypal) we expect more customers to need TLS 1.0 and other settings disabled.

Disable TLS 1.0

Check this box to completely disable TLS 1.0 on all web facing ports which covers your sites, webmail and phpMyAdmin.

Exim ports

Disable TLS 1.0

Check this box to completely disable TLS 1.0 on all exim related ports

Disable SSLv2 SSLv3

Check this box to disable SSLv2/3 on all exim ports

Dovecot

Disable TLS 1.0

Check this box to disable TLS 1.0 on Dovecot related ports

Secure plain text login

Check this box to force password encryption for email accounts.

ProFTPD

Check this box to completely disable the FTP service. This does not affect SFTP and SSH users.  The FTP service runs on port 21 and the transfers are not encrypted.

Enable two-factor authentication

Checking this box will force 2 factor authentication on all SSH/SFTP logins. This means to connect via SSH you will need to whitelist your IP, use an SSH key and use an SSH/key password.

Updated on June 15, 2017

Was this article helpful?

Related Articles