git.bettercrypto.org
/
ach-master.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
| inline |
side by side
(parent:
62a9aad
)
nginx does't allow ssl_protocols to be excluded, only to be included. Our given examp...
author
Pepi Zawodsky
<git@maclemon.at>
Thu, 28 Nov 2013 13:01:15 +0000
(14:01 +0100)
committer
Pepi Zawodsky
<git@maclemon.at>
Thu, 28 Nov 2013 13:01:15 +0000
(14:01 +0100)
src/practical_settings/webserver.tex
patch
|
blob
|
history
diff --git
a/src/practical_settings/webserver.tex
b/src/practical_settings/webserver.tex
index
3000459
..
941cb32
100644
(file)
--- a/
src/practical_settings/webserver.tex
+++ b/
src/practical_settings/webserver.tex
@@
-116,7
+116,7
@@
lighttpd httpS:// redirection: \url{http://redmine.lighttpd.net/projects/1/wiki/
\begin{lstlisting}[breaklines]
ssl_prefer_server_ciphers on;
- ssl_protocols
-SSLv2 -SSLv3;
+ ssl_protocols
TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers 'EECDH+aRSA+AESGCM:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EDH+CAMELLIA256:EECDH:EDH+aRSA:+SSLv3:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS:!RC4:!SEED:!AES128:!CAMELLIA128:!ECDSA:AES256-SHA';
add_header Strict-Transport-Security max-age=2592000;
add_header X-Frame-Options DENY;