maketank/Froxlor
2
0
Fork 0
Code Pull Requests Releases Activity

Added option to set the TLS protocol versions to be used in webservers

Browse Source 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
This commit is contained in:
Michael Kaufmann (d00p)
2018-01-10 10:12:26 +01:00
parent 9312e4967e
commit 4bcdfc0786
7 changed files with 36 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
scripts/jobs/cron_tasks.inc.http.10.apache.php
View File

@@ -454,7 +454,7 @@ class apache extends HttpConfigBase
} else {
$this->virtualhosts_data[$vhosts_filename] .= ' SSLEngine On' . "\n";
$this->virtualhosts_data[$vhosts_filename] .= ' SSLProtocol -ALL +TLSv1 +TLSv1.2' . "\n";
$this->virtualhosts_data[$vhosts_filename] .= ' SSLProtocol -ALL' . str_replace(","," +", Settings::Get('system.ssl_protocols')) . "\n";
if (Settings::Get('system.apache24') == '1') {
if (Settings::Get('system.http2_support') == '1') {
$this->virtualhosts_data[$vhosts_filename] .= ' Protocols h2 http/1.1' . "\n";
@@ -892,7 +892,7 @@ class apache extends HttpConfigBase
if ($domain['ssl_cert_file'] != '') {
$vhost_content .= ' SSLEngine On' . "\n";
$vhost_content .= ' SSLProtocol -ALL +TLSv1 +TLSv1.2' . "\n";
$vhost_content .= ' SSLProtocol -ALL' . str_replace(","," +", Settings::Get('system.ssl_protocols')) . "\n";
if (Settings::Get('system.apache24') == '1') {
if (isset($domain['http2']) && $domain['http2'] == '1') {
$vhost_content .= ' Protocols h2 http/1.1' . "\n";