[Apache guide] Gets rid of CBC encryption mode in ciphers list

This commit is contained in:
Samuel FORESTIER
2018-11-11 15:05:03 +01:00
parent fe424b9f63
commit ec09335197

@ -75,7 +75,7 @@ LimitRequestBody 1024000
SSLHonorCipherOrder On
SSLProtocol -ALL +TLSv1.2
SSLCipherSuite EECDH+CHACHA20:EECDH+AES
SSLCipherSuite EECDH+CHACHA20:EECDH+AESGCM
# For Apache >= 2.4
SSLUseStapling On
SSLStaplingCache "shmcb:logs/stapling-cache(150000)"
@ -226,6 +226,7 @@ Please do propose some changes if you think there is something bad (or something
### History of revisions
11/11/18 - Gets rid of _CBC_ encryption mode in ciphers list
12/10/18 - Adds a default `Referrer-Policy` header to the local security configuration
01/08/18 - Replaces `Order`, `Allow` and `Deny` options by `Require` for Apache >= 2.4, in a BC way for previous versions
14/01/18 - Fixes wrong HSTS header setting