[Apache guide] Gets rid of CBC encryption mode in ciphers list
This commit is contained in:
@ -75,7 +75,7 @@ LimitRequestBody 1024000
|
||||
|
||||
SSLHonorCipherOrder On
|
||||
SSLProtocol -ALL +TLSv1.2
|
||||
SSLCipherSuite EECDH+CHACHA20:EECDH+AES
|
||||
SSLCipherSuite EECDH+CHACHA20:EECDH+AESGCM
|
||||
# For Apache >= 2.4
|
||||
SSLUseStapling On
|
||||
SSLStaplingCache "shmcb:logs/stapling-cache(150000)"
|
||||
@ -226,6 +226,7 @@ Please do propose some changes if you think there is something bad (or something
|
||||
|
||||
### History of revisions
|
||||
|
||||
11/11/18 - Gets rid of _CBC_ encryption mode in ciphers list
|
||||
12/10/18 - Adds a default `Referrer-Policy` header to the local security configuration
|
||||
01/08/18 - Replaces `Order`, `Allow` and `Deny` options by `Require` for Apache >= 2.4, in a BC way for previous versions
|
||||
14/01/18 - Fixes wrong HSTS header setting
|
||||
|
Reference in New Issue
Block a user