[ZendTo] Debian + ZendTo + SSL
Joao Alexandre
jalexandre1964 at gmail.com
Thu Jul 5 13:57:50 BST 2012
Hi All,
Our ZendTo server has been audited for security reasons and,
congratulations to Jules, the code seems secure with apparently no
problems.
One thing that I had to do regarding Apache, and to make it
invulnerable to "BEAST attack", was to add the following lines to the
ssl configuration:
SSLHonorCipherOrder On
SSLCipherSuite ECDHE-RSA-AES128-SHA256:AES128-GCM-SHA256:RC4:HIGH:!MD5:!aNULL:!EDH
https://community.qualys.com/blogs/securitylabs/2011/10/17/mitigating-the-beast-attack-on-tls
Hope this helps someone.
Regards,
J.
More information about the ZendTo
mailing list