maketank/Froxlor
2
0
Fork 0
Code Pull Requests Releases Activity

Merge pull request #407 from buffcode/ssl-compression

Browse Source 
Disable SSLCompression (CRIME attack)
This commit is contained in:
Michael Kaufmann
2017-01-17 10:40:19 +01:00
committed by GitHub
parent c6962b0992 5e0270e6a8
commit 9afbe7fb71
1 changed files with 2 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
scripts/jobs/cron_tasks.inc.http.10.apache.php
View File

@@ -422,6 +422,8 @@ class apache extends HttpConfigBase
$this->virtualhosts_data[$vhosts_filename] .= ' SSLEngine On' . "\n";
$this->virtualhosts_data[$vhosts_filename] .= ' SSLProtocol -ALL +TLSv1 +TLSv1.2' . "\n";
$this->virtualhosts_data[$vhosts_filename] .= ' SSLCompression Off' . "\n";
// this makes it more secure, thx to Marcel (08/2013)
$this->virtualhosts_data[$vhosts_filename] .= ' SSLHonorCipherOrder On' . "\n";
$this->virtualhosts_data[$vhosts_filename] .= ' SSLCipherSuite ' . Settings::Get('system.ssl_cipher_list') . "\n";