[SOLVED]WebUI - Enable PFS on admin GUI and other questions TLS Cipher Suite

secfilter

Hi,

First : I'm Sorry for my poor English.
Second : Happy New year ;).

And my question is:
How can enable the PFS on the Web Admin GUI.

If I check the support cipher suite I can observe this :

Supported Server Cipher(s):
    Accepted  TLSv1  256 bits  ECDHE-RSA-AES256-SHA
    Accepted  TLSv1  256 bits  AES256-SHA
    Accepted  TLSv1  256 bits  CAMELLIA256-SHA
    Accepted  TLSv1  168 bits  ECDHE-RSA-DES-CBC3-SHA
    Accepted  TLSv1  168 bits  DES-CBC3-SHA
    Accepted  TLSv1  128 bits  ECDHE-RSA-AES128-SHA
    Accepted  TLSv1  128 bits  AES128-SHA
    Accepted  TLSv1  128 bits  CAMELLIA128-SHA
    Accepted  TLSv1  128 bits  ECDHE-RSA-RC4-SHA
    Accepted  TLSv1  128 bits  RC4-SHA

Prefered Server Cipher(s):
    TLSv1  128 bits  RC4-SHA

It's possible to change the cipher suite order ?

I think both default settings is a weak configuration
I use the 2.1.5 version.

If you cann't understand my word, I can try to write a better English with help of G-Translate (I'm not sure about that :) ).

Best regard.

secfilter

Ok, I'm sorry about this stupid question.
I find  the line in :

/etc/inc/system.inc: $lighty_config

I have a better result now :

Supported Server Cipher(s):
    Accepted  TLSv1  256 bits  ECDHE-RSA-AES256-SHA
    Accepted  TLSv1  256 bits  AES256-SHA
    Accepted  TLSv1  256 bits  CAMELLIA256-SHA
    Accepted  TLSv1  168 bits  ECDHE-RSA-DES-CBC3-SHA
    Accepted  TLSv1  168 bits  DES-CBC3-SHA
    Accepted  TLSv1  128 bits  ECDHE-RSA-AES128-SHA
    Accepted  TLSv1  128 bits  AES128-SHA
    Accepted  TLSv1  128 bits  CAMELLIA128-SHA

Prefered Server Cipher(s):
    TLSv1  256 bits  ECDHE-RSA-AES256-SHA

Thanks to reader !
Best regards.