Created
September 5, 2018 18:20
-
-
Save nbeguier/2f685a4d9900d1ba720790fcf7a3fef2 to your computer and use it in GitHub Desktop.
Apache : Logjam protection
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # LOGJAM protection | |
| ## All TLS accepted, EECDH/EDH key exchange ciphers, force cipher order and use of 4096-bits group DH | |
| SSLProtocol all -SSLv3 -SSLv2 | |
| SSLCipherSuite "EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH EDH+aRSA !aNULL !eNULL !LOW !3DES !MD5 !EXP !PSK !SRP !DSS !RC4 !SEED" | |
| SSLHonorCipherOrder on | |
| SSLOpenSSLConfCmd DHParameters "/etc/ssl/certs/dhparam.pem" |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment