Ako zastavit apache ? (SSLCipherSuite)
Lubomir Host
rajo at platon.sk
Mon Sep 21 00:21:15 CEST 2009
On Sun, Sep 20, 2009 at 11:45:36PM +0200, Jozef Drahovsky wrote:
> <IfDefine SSL>
> SSLEngine on
> SSLCipherSuite
> ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
> SSLCertificateFile "/usr/local/etc/apache2/ssl.crt/server.crt"
> SSLCertificateKeyFile "/usr/local/etc/apache2/ssl.key/server.key"
> </IfDefine>
Mozno stoji za uvazenie mat v SSLCipherSuite taketo nieco:
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:-LOW:-SSLv2:-EXP:-NULL;
cize vypnutie SSLv2 a sifier s nizkou bezpecnostou (-LOW, -NULL, ...).
Pomoze ti to ziskat vyssie bodove hodnotenie v teste SSL, vid. napr.
https://www.ssllabs.com/ssldb/analyze.html
https://www.ssllabs.com/projects/rating-guide/index.html
rajo
--
,''`. Lubomir Host 'rajo' <rajo AT platon.sk> ICQ #: 257322664
: :' : Jabber: rajo AT jabber.platon.sk VoIP: callto://rajo207
`. `' WWW: http://rajo.platon.sk/ Platon Group: http://platon.sk/
`- GnuPG key: DC0C C7EA 55C8 B089 C41D 944A F251 A93A 2361 A82F
More information about the Users-l
mailing list