Imperva Cyber Community

communities_1.jpg
 View Only
  • 1.  How to Disable Weak Ciphers on Imperva DAM Gateway Port 5555 and 3001

    Posted 12 days ago

    Hi all,

    My client ran a vulnerability scan that flagged weak SSL/TLS key exchange on Imperva DAM Gateway ports 5555, 3001, and 443.

    I've already disabled the weak ciphers for port 443, but I can't figure out which file or path controls SSL/TLS settings for port 5555 and 3001.

    How can I locate the right config to apply the same changes for those ports?

    Thanks.
    - Joy


    #DatabaseActivityMonitoring

    ------------------------------
    Joy Ampitan
    Security Engineer
    Ethnos Cyber Limited
    Lagos
    ------------------------------


  • 2.  RE: How to Disable Weak Ciphers on Imperva DAM Gateway Port 5555 and 3001

    Posted 11 hours ago
    Edited by Sarah Lamont 9 hours ago

    Hi Joy,

    I notice that you have not received any responses to this query. Have you found the information you need? I always recommend searching our documentation for specific guides.

    If you have already received advice on this, it would be great if you could share it here so that our members can benefit going forward. Remember that each individual organization's environment will be unique, so your solution may be very specific to your environment.

    If you have not received the solution already, I recommend that you raise a ticket with our support team.

    Thanks,

    Sarah



    ------------------------------
    Sarah Lamont
    Digital Community Manager
    ------------------------------



  • 3.  RE: How to Disable Weak Ciphers on Imperva DAM Gateway Port 5555 and 3001

    Posted 9 hours ago

    Hi Sarah,

    Thanks for following up and for sharing the RASP Manager guide. I've gone through it, and while it's quite helpful in the context of weak cryptography in applications, it doesn't apply to my current challenge.

    My issue is with weak SSL/TLS cipher usage on Imperva DAM Gateway ports 5555 and 3001, and how to disable them. I was able to apply the fix for port 443 (via bootstrap.xml), but I haven't yet located the equivalent configuration paths for those other ports.

    If there's documentation or guidance more specific to DAM Gateway port settings, I'd really appreciate it.

    Below is a link to the steps I followed for port 443:

    https://docs.imperva.com/bundle/v14.7-waf-administration-guide/page/65148.htm

    Best regards,
    Joy



    ------------------------------
    Joy Ampitan
    Security Engineer
    Ethnos Cyber Limited
    Lagos
    ------------------------------



  • 4.  RE: How to Disable Weak Ciphers on Imperva DAM Gateway Port 5555 and 3001

    Posted 9 hours ago

    Ah apologies, Joy - that was my mistake. I will edit my original comment so as not to confuse.

    Unfortunately, I think this query will require a support ticket.

    Let me know if you have any issue raising the ticket.



    ------------------------------
    Sarah Lamont
    Digital Community Manager
    ------------------------------