Hi all,
Noob-alert!
Ok, a site I have inherited that is running debian (7.4) is running
Apache, and a test of the SSL for that site reveals a few issues I'd
like to address.
First, the site checker I was using is:
https://sslcheck.globalsign.com/en_US
The general results (and recommendations) are:
Disable weak cipher suites:
"Use only cipher suites that have authentication and encryption of
128-bit or higher."
Disable SSLv3
Enable 'Strict-Transport-Security'
Enable 'SPDY'
These all sound like good things to do, but I'm unsure of exactly how to
accomplish them, and where...
Thx for any help...
--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/53554d4a.1050...@libertytrek.org