{"/api/v1/ncpl/currencies/getAll":{"body":[{"Name":"U.S. Dollar","Code":"USD","Symbol":"$","Separator":".","Culture":"en-US"},{"Name":"Euro","Code":"EUR","Symbol":"€","Separator":",","Culture":"en-US"},{"Name":"British Pound","Code":"GBP","Symbol":"£","Separator":".","Culture":"en-US"},{"Name":"Canadian Dollars","Code":"CAD","Symbol":"C$","Separator":".","Culture":"en-US"},{"Name":"Australian Dollars","Code":"AUD","Symbol":"A$","Separator":".","Culture":"en-US"},{"Name":"Indian Rupees","Code":"INR","Symbol":"Rs","Separator":".","Culture":"en-US"},{"Name":"China Yuan RMB","Code":"CNY","Symbol":"¥","Separator":".","Culture":"en-US"}],"status":200,"statusText":"OK"},"/api/v1/ncpl/usermanagement/uiuser/getHeaderUserInfo:\"{\\\"hideSupportPin\\\":true}\"":{"body":{"__ctxId":"854180763B6E44739C211D49F6BF53A6","__isError":true,"__errorType":"Nc.Platform.Abstractions.UnauthorizedException","Http_WWW_Authenticate":"Bearer","StatusCode":"Unauthorized","LogLevel":3,"Message":"","InnerException":null,"HelpLink":null,"Source":"Nc.Security.Middleware"},"status":401,"statusText":"Unauthorized"},"/api/v1/ncpl/cart/user/getShoppingCartSummary:\"{\\\"finalTotalOnly\\\":true}\"":{"body":null,"status":200,"statusText":"OK"}}

Disabling RC4

Deactivating RC4 on IIS

RC4 is a stream cipher for bulk encryption that nowadays is considered as practically vulnerable and was officially deprecated by Internet Engineering Task Force.

  1. Open registry editor:

    Win + R >> regedit

  2. Navigate to:

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\Schannel\Ciphers

  3. Right-click on Ciphers >> New >> Key

    Hardening_14.jpg

    Name the key 'RC4 40/128'

  4. Right-click on RC4 40/128 >> New >> DWORD (32-bit) Value

    Hardening_15.jpg

    Name the value 'Enabled'

  5. Double-click the created Enabled value and make sure that there is zero (0) in Value Data: field >> click OK

    Hardening_16.jpg

  6. Create two more keys with the names 'RC4 56/128' and 'RC4 128/128' in the Ciphers directory. Repeat steps 4 and 5 for each of them.
  7. After step 6 is completed, you should have three keys for RC4 in total in Ciphers. Each RC4 key should have the DWORD value named 'Enabled' with zero (0) value data.

    Hardening_17.jpg

  8. You may need to restart Windows Server to apply the changes.
Updated
Viewed
57750 times
{}

Need help? We're always here for you.

notmyip