Menu
picture of tbs certificates
picture of tbs certificates
Certificates
Our products range
Partners
Support
Focus


Configure Apache to run in 128-bit only

if you do not want low cypherment (40-bit) and if you want to enforce 128-bit, you only need to add:
# 128-bit mini anti-beast
#SSLCipherSuite !EDH:!ADH:!DSS:!RC2:RC4-SHA:RC4-MD5:HIGH:MEDIUM:+AES128:+3DES
# 128-bit mini PFS favored
#SSLCipherSuite !EDH:!ADH:!DSS:!RC2:HIGH:MEDIUM:+3DES:+RC4
# 128-bit maximal security
SSLCipherSuite !EDH:!ADH:!DSS:!RC4:HIGH:+3DES

SSLHonorCipherOrder on   # on apache 2.1+
This setup restrains your server to 128-bit or more.

You can place this instruction in a Directory in order to enforce higher security to some parts of your site only.

Useful links