Test SSL Servers and Disable Anonymous Cipher Suites

This is a good site to test your server’s SSL configuration:

Qualys SSL Labs – SSL Server Test

If your server fails, there’s a good chance it is because of this error:

This server supports anonymous (insecure) suites.
TLS_ECDH_anon_WITH_RC4_128_SHA (0xc016)   INSECURE

If you are using cPanel, fix the issue as follows:

  1. Go to Apache Configuration then click Global Configuration. 
  2. In the SSL Cipher Suite area, click the last radio button so that you can enter a custom configuration.
  3. Enter the following:
    ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:-LOW:-SSLv2:-EXP:!kEDH:!aNULL

cPanel Apache SSL Cipher Suite Configuration

The last argument, !aNULL, disables the anonymous suites.
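
A local check of the point above, as an added example that is not part of the original post: it expands the cipher string from step 3 with openssl ciphers -v and lists every suite whose authentication column reads Au=None. The comparison string without !aNULL and the function names are constructed here, and the check assumes the local openssl binary matches the OpenSSL library that Apache is linked against.

```shell
#!/bin/sh
# Added example: list the anonymous (unauthenticated) suites that a cipher
# string still enables, using the local openssl binary.

# The cipher string from step 3 of the page.
PAGE_STRING='ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:-LOW:-SSLv2:-EXP:!kEDH:!aNULL'
# Constructed variant for comparison: the same string without the final !aNULL.
NO_ANULL_STRING='ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:-LOW:-SSLv2:-EXP:!kEDH'

# Print the name of every suite in the expanded string whose authentication
# column is Au=None. Prints nothing when the string enables no anonymous
# suite (or when openssl cannot expand the string at all).
anon_suites() {
    openssl ciphers -v "$1" 2>/dev/null | awk '/Au=None/ { print $1 }'
}

# Report on one cipher string; return 0 only when no anonymous suite remains.
check_string() {
    found=$(anon_suites "$1")
    if [ -n "$found" ]; then
        printf 'ANONYMOUS SUITES ENABLED by %s\n%s\n' "$1" "$found"
        return 1
    fi
    printf 'no anonymous suites in %s\n' "$1"
    return 0
}

# Compare the two strings; "|| true" keeps the script going after a finding.
check_string "$NO_ANULL_STRING" || true
check_string "$PAGE_STRING" || true
```

On OpenSSL builds that still ship anonymous ECDH suites, the first call lists AECDH-* names, because !ADH only removes the anonymous DH suites; the second call lists nothing, because !aNULL removes every suite without authentication.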