maketank/Froxlor
2
0
Fork 0
Code Pull Requests Releases Activity

Disable SSLCompression (CRIME attack)

Browse Source 
https://raymii.org/s/tutorials/Strong_SSL_Security_On_Apache2.html#SSL_Compression_(CRIME_attack)
This commit is contained in:
Laurens Stötzel
2017-01-17 10:18:52 +01:00
parent c6962b0992
commit 5e0270e6a8
1 changed files with 2 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
scripts/jobs/cron_tasks.inc.http.10.apache.php
View File

@@ -422,6 +422,8 @@ class apache extends HttpConfigBase
$this->virtualhosts_data[$vhosts_filename] .= ' SSLEngine On' . "\n"; $this->virtualhosts_data[$vhosts_filename] .= ' SSLEngine On' . "\n";
$this->virtualhosts_data[$vhosts_filename] .= ' SSLProtocol -ALL +TLSv1 +TLSv1.2' . "\n"; $this->virtualhosts_data[$vhosts_filename] .= ' SSLProtocol -ALL +TLSv1 +TLSv1.2' . "\n";
$this->virtualhosts_data[$vhosts_filename] .= ' SSLCompression Off' . "\n";
// this makes it more secure, thx to Marcel (08/2013) // this makes it more secure, thx to Marcel (08/2013)
$this->virtualhosts_data[$vhosts_filename] .= ' SSLHonorCipherOrder On' . "\n"; $this->virtualhosts_data[$vhosts_filename] .= ' SSLHonorCipherOrder On' . "\n";
$this->virtualhosts_data[$vhosts_filename] .= ' SSLCipherSuite ' . Settings::Get('system.ssl_cipher_list') . "\n"; $this->virtualhosts_data[$vhosts_filename] .= ' SSLCipherSuite ' . Settings::Get('system.ssl_cipher_list') . "\n";