How to set Ciphers used by WAF?

Question

Hello, 
 
 recently I've scanned my Website with SSL Labs, and I've seen that XG 18.0 WAF allows some ciphers that are marked as weak. How to configure the ciphers used by WAF of XG 18.0? 
 
 Regards Dwayne Parker

KingChris · Accepted Answer

Hi @Dwayne Parker 
 Here is the response from the development and security team here at Sophos regarding cipher list available in the XG for WAF: 
 Strong ciphers 
 
 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (0xc030) 
 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (0xc02f) 
 TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 (0x9f) 
 TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 (0x9e) 
 
 Weak ciphers 
 
 Because CBC is used
 
 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 (0xc028) 
 TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 (0x6b) 
 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 (0xc027) 
 TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 (0x67)

Because SHA1 is used (in addition to CBC)
 
 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (0xc014) 
 TLS_DHE_RSA_WITH_AES_256_CBC_SHA (0x39) 
 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (0xc013) 
 TLS_DHE_RSA_WITH_AES_128_CBC_SHA (0x33)

Because no forward secrecy is offered (some also use CBC and/or SHA1)
 
 TLS_RSA_WITH_AES_256_GCM_SHA384 (0x9d) 
 TLS_RSA_WITH_AES_128_GCM_SHA256 (0x9c) 
 TLS_RSA_WITH_AES_256_CBC_SHA256 (0x3d) 
 TLS_RSA_WITH_AES_256_CBC_SHA (0x35) 
 TLS_RSA_WITH_AES_128_CBC_SHA256 (0x3c) 
 TLS_RSA_WITH_AES_128_CBC_SHA (0x2f)

Regarding when "CBC is used" 
 According to the security team: "CBC being offered is ok as long as its a strong cipher. That is no 3DES ciphers offered". All offered ciphers are strong is this regard (e.g. no 3DES is offered). 
 Conclusion: Leave it as it is 
 Regarding "SHA1 is used" 
 This is considered OK because SHA1 is used as HMAC-SHA1 which is not broken (unlike pure SHA1). All offered ciphers are strong in this regard. 
 Security team: "While SHA1 is broken, HMAC-SHA1 is not broken. Assuming that the HMAC key is not known to the attacker, HMAC-SHA1 is not susceptible to the same collision attacks that SHA1 is. If the attacker has the HMAC key, he has broken HMAC itself, no matter if it is HMAC-SHA1 or HMAC-SHA2." 
 Conclusion: Leave it as it is 
 Regarding "no forward secrecy is offered" 
 The overall SSL Labs rating does not change if the non-forward secrecy ciphers are removed.

SSLCipherSuite ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:!aNULL:!MD5:!DSS

We might lose support for less capable clients if we remove the non-forward secrecy ciphers. Clients that support forward secrecy will prefer the forward secrecy ciphers anyway. 
 Conclusion: Leave it as it is as it has no impact on clients that support forward secrecy but widens the support for less capable clients 
 
 As you can see if you remove the CBC ciphers from the list, you are limiting the client pool that can connect to your WAF instance. 
 If you would like to remove various ciphers, the file to edit is located here: /usr/apache/conf/httpd.conf 
 You need to put the system into read/write mode: mount -no remount, rw / 
 Then edit the above file with VI and remove the SSL cipher suite offered in this line: SSLCipherSuite ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:RSA+AESGCM:RSA+AES:ECDH+3DES:DH+3DES:RSA+3DES:!aNULL:!MD5:!DSS 
 Please note that when WAF is set to use TLS1.2, 3DES ciphers are not offered to the client. 
 I hope this answers everyone's question surrounding this. 
 Thanks!