The HTTP Strict-Transport-Security response header (often abbreviated as HSTS) informs browsers that the site should only be accessed using HTTPS, and that any future attempts to access it using HTTP should automatically be converted to HTTPS. What does HSTS do for improving security? You have HSTS configured on Zimbra and have configured a correct TLS […]
Tag Archives | administrators
Protecting Zimbra with Sucuri web application firewall
You can enhance the security of your Zimbra servers by using a web application firewall (WAF). By using a web application firewall you can add the following protections to Zimbra: Geo blocking, geo fencing Blocking or allow IP addresses Emergency DDoS protection Block anonymous proxies Block top three attack countries Manage HTTP Security Headers Limited […]
Update Zimbra TLS cipher suites to disable Diffie-Hellmann
This blog post is outdated since Zimbra version 9.0.0.P34, 8.8.15.P41, 10.0.2 where Zimbra introduced OpenSSL FIPS. Please follow the updated steps at https://wiki.zimbra.com/wiki/Cipher_suites. In a previous blog and wiki we have shown how to configure Zimbra with a strong TLS configuration. Since encryption is always evolving we have updated the previous blog and wiki to […]
Did you know? SELinux is not a Zimbra feature
This blog is about something that is not a Zimbra feature, yes you read it correctly, usually on the blog we highlight new or existing features. But this blog is a little different. Every now and then people write in the Zimbra forums or comment on blog posts saying they run Zimbra with SELinux in […]
Zimbra not affected by critical OpenSSL issue
The OpenSSL project is releasing a critical fix for OpenSSL version 3.x. Zimbra is using OpenSSL version 1.1.1q which is an older still supported version of OpenSSL. The version in Zimbra is not affected by the fix, which means no patches are needed for Zimbra. You should install operating system security updates and other 3rd […]
Zimbra installation integrity check
The script in this article allows Zimbra administrators to create checksums of all the files in a Zimbra installation. The output of the script can be used to identify unintended changes and newly created files. Such changes can for example be caused by hackers. You can use this script pro-actively by scheduling it in a […]