Piers Rowan
2014-10-17 03:50:15 UTC
With the recent problems with SSL I've been looking around for insights
to raise the level of protection on apache.
Does anyone have any recommendations/criticisms as the following config?
https://hynek.me/articles/hardening-your-web-servers-ssl-ciphers/
Suggests:
SSLProtocol ALL -SSLv2 -SSLv3
SSLHonorCipherOrder On
SSLCipherSuite ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS
Cheers
P
to raise the level of protection on apache.
Does anyone have any recommendations/criticisms as the following config?
https://hynek.me/articles/hardening-your-web-servers-ssl-ciphers/
Suggests:
SSLProtocol ALL -SSLv2 -SSLv3
SSLHonorCipherOrder On
SSLCipherSuite ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS
Cheers
P