NethServer Version: v7
I currently have a webserver and Nextcloud accessible across the internet. I noticed that default settings in Apache and NextCloud have some concerns, such as using SSLv2 and SSLv3 (Poodle Vulnerability in SSLv3), and the RC4 cipher by default, which I would like to disable.
I previously had a webserver running on Arch Linux, and used SSL Server Test to find and help close vunerabilities. A simple edit of relevant config files was all it took to close the loopholes.
However, due to its template based system, I am at a total loss as to what files to edit in order to change settings for programs without messing my nethserver system. I would like to lock down Apache, Postfix, and Dovecot following this article.
Any help would be greatly appreciated, as I am planning to use nethserver for all my personal email and file needs, given that I can make sure it as secure as my previous system.