Configure Apache to run in 128-bit only
if you do not want low cypherment (40-bit) and if you want to enforce 128-bit, you only need to add:# 128-bit mini anti-beast #SSLCipherSuite !EDH:!ADH:!DSS:!RC2:RC4-SHA:RC4-MD5:HIGH:MEDIUM:+AES128:+3DES # 128-bit mini PFS favored #SSLCipherSuite !EDH:!ADH:!DSS:!RC2:HIGH:MEDIUM:+3DES:+RC4 # 128-bit maximal security SSLCipherSuite !EDH:!ADH:!DSS:!RC4:HIGH:+3DES SSLHonorCipherOrder on # on apache 2.1+This setup restrains your server to 128-bit or more.
You can place this instruction in a Directory in order to enforce higher security to some parts of your site only.
Useful links
Last edited on 06/18/2015 07:29:55 --- [search]