One of the things that Qualified Scanning Vendors look for on a server is that the server does not use weak AND medium strength ciphers. Plesk does come with a tool to enable you to switch off weak ciphers used with courier, Apache, and the control panel itself.
# /usr/local/psa/admin/bin/pci_compliance_resolver --enable all
This will disable all weak ciphers for courier mail, Apache, and the control panel. Other parameters are:
| --enable | --disable courier | Only enables or disables the courier mail weak ciphers |
| --enable | --disable apache | Only enables or disables the Apache weak ciphers |
| --enable | --disable panel | Only enables or disables the control panels weak ciphers |
Once the command is done executing, delete the contents of the /usr/local/psa/admin/conf/cipher.lst
# openssl ciphers -v HIGH > /usr/local/psa/admin/conf/cipher.lst