[ZendTo] Re: Debian + ZendTo + SSL

Jules Jules at Zend.To
Thu Jul 5 14:05:43 BST 2012


On 05/07/2012 13:57, Joao Alexandre wrote:
> Hi All,
>
> Our ZendTo server has been audited for security reasons and,
> congratulations to Jules, the code seems secure with apparently no
> problems.
Wonderful news! Who did the audit, and how thorough was it?

Jules.

>
> One thing that I had to do regarding Apache, and to make it
> invulnerable to "BEAST attack", was to add the following lines to the
> ssl configuration:
>
> SSLHonorCipherOrder On
> SSLCipherSuite ECDHE-RSA-AES128-SHA256:AES128-GCM-SHA256:RC4:HIGH:!MD5:!aNULL:!EDH
>
> https://community.qualys.com/blogs/securitylabs/2011/10/17/mitigating-the-beast-attack-on-tls
>
> Hope this helps someone.
>
> Regards,
>
> J.



Jules

-- 
Julian Field MEng CITP CEng
www.Zend.To

Follow me at twitter.com/JulesFM
PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654

'It's okay to live without all the answers' - Charlie Eppes, 2011
'All programs have a desire to be useful' - Tron, 1982
'That is the land of lost content,
  I see it shining plain,
  The happy highways where I went,
  And cannot come again.' - A.E. Houseman
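
An added example, not part of the original thread: a small Python check for the two mod_ssl directives quoted above, confirming that server-side ordering is enforced and that a non-CBC token is listed ahead of any catch-all alias. It assumes a single configuration context and interprets only plain tokens and `!` exclusions; the sample configuration and all function names are constructed for illustration.

```python
# Added example: audit the SSLHonorCipherOrder / SSLCipherSuite pair from the thread.
# Assumptions: one config context; only plain tokens and "!" exclusions are interpreted.

# Constructed sample input built around the directives quoted in the thread.
SAMPLE_CONF = """\
<VirtualHost *:443>
    SSLEngine on
    SSLHonorCipherOrder On
    SSLCipherSuite ECDHE-RSA-AES128-SHA256:AES128-GCM-SHA256:RC4:HIGH:!MD5:!aNULL:!EDH
</VirtualHost>
"""

CATCH_ALL = {"HIGH", "MEDIUM", "ALL", "DEFAULT"}  # aliases that pull in CBC suites

def directive(conf, name):
    """Argument of the last uncommented occurrence of a directive (names are case-insensitive)."""
    value = None
    for line in conf.splitlines():
        parts = line.strip().split(None, 1)
        if len(parts) == 2 and parts[0].lower() == name.lower():
            value = parts[1].strip()
    return value

def split_cipher_string(spec):
    """Split a colon-separated cipher string into ordered additions and '!' exclusions."""
    tokens = [t for t in spec.split(":") if t]
    preferred = [t for t in tokens if not t.startswith("!")]
    excluded = [t[1:] for t in tokens if t.startswith("!")]
    return preferred, excluded

def audit(conf):
    """Return a list of findings about the BEAST-oriented cipher ordering."""
    findings = []
    honor = directive(conf, "SSLHonorCipherOrder")
    if honor is None or honor.lower() != "on":
        findings.append("SSLHonorCipherOrder is not On: the client's preference decides, "
                        "so the order in SSLCipherSuite is not enforced")
    spec = directive(conf, "SSLCipherSuite")
    if spec is None:
        return findings + ["no SSLCipherSuite directive found"]
    preferred, _ = split_cipher_string(spec)
    non_cbc = [i for i, t in enumerate(preferred) if "RC4" in t or "GCM" in t]
    catch_all = [i for i, t in enumerate(preferred) if t in CATCH_ALL]
    if catch_all and (not non_cbc or catch_all[0] < non_cbc[0]):
        findings.append("a catch-all alias is listed before any explicit RC4/GCM token")
    if any("RC4" in t for t in preferred):
        findings.append("RC4 is enabled: RFC 7465 (2015) prohibits RC4 in TLS")
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE_CONF) or ["no findings"]:
        print(finding)
```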


