Skip to content

Instantly share code, notes, and snippets.

@isagasti
Last active March 29, 2019 11:04
Show Gist options
  • Save isagasti/d1e3527e97a3a9fdc725 to your computer and use it in GitHub Desktop.
Save isagasti/d1e3527e97a3a9fdc725 to your computer and use it in GitHub Desktop.
Apache 2.2 SSL config for A+ on SSLLabs.com
# OS: Debian 7, Apache 2.2.22, OpenSSL 1.0.1e
# SSL Labs: A+ (RSA2048, SHA256 certificate)
# Certificate: 100%
# Protocol Support: 95%
# Key Exchange: 90%
# Cipher Strength: 90%
# Disable SSL protocol, only TLS.
SSLProtocol all -SSLv2 -SSLv3
SSLHonorCipherOrder on
SSLCipherSuite "EECDH+ECDSA+AESGCM:EECDH+aRSA+AESGCM:EECDH+ECDSA+SHA384:EECDH+ECDSA+SHA256:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH+aRSA!RC4:EECDH:!RC4:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS"
# HSTS enable. No activamos SubDomains para evitar posibles errores de configuración sobre el dominio principal.
# This gives + to A.
Header always set Strict-Transport-Security "max-age=31536000"
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment