-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
On 11/19/15 14:41, Janusz Dziemidowicz wrote: > 2015-11-19 11:13 GMT+01:00 Piotr Kubaj <pku...@riseup.net>: >>> 4096 bit DH params will be pretty slow to handshake. Maybe >>> that's okay in your circumstance though since you seem to be >>> using this for a personal use and not expecting a high >>> connection rate. You also have a 8 kbit RSA self signed >>> certificate and using 256 bit ciphers which increase TLS >>> overhead. >> I want it to be secure, and I don't want to touch my settings >> for quite a while so I just took the strongest algorithms there >> are, and 2x recommended values for things like private key, or DH >> params. The hardware is pretty powerful and I've already checked >> that I don't have a huge load. > > Take note, that increasing RSA size twice reduces number of > connections you can accept 10 times or more. For example, my quite > powerful desktop with recent CPU can accept 973 connections per > second per core for RSA 2048, 136 connections per second for RSA > 4096. OpenSSL does not have tests for RSA 8192, but that would be > in the order of a few connections per second. RSA 8192 is really an > overkill, it would be possible to DoS your server with a simple > shell script;) If you want a state of the art cryptography you > should probably use ECDSA certificate, it will be both faster and > more secure. > I've tweaked my haproxy.conf a little, now it looks like this: global #ssl-default-bind-options no-sslv3 no-tls-tickets force-tlsv12 #ssl-default-bind-ciphers AES256+EECDH:AES256+EDH #tune.ssl.default-dh-param 4096 log /var/run/log local0 maxconn 4096 user daemon group daemon daemon defaults log global mode http option httplog option forwardfor option http-server-close timeout connect 5000ms timeout client 50000ms timeout server 50000ms frontend http-in bind 192.168.11.3:80 acl host_phpsysinfo hdr_dom(host) -i phpsysinfo.anongoth.pl acl host_owncloud hdr_dom(host) -i owncloud.anongoth.pl acl host_roundcube hdr_dom(host) -i roundcube.anongoth.pl acl host_10amd64 hdr_dom(host) -i 10amd64.anongoth.pl acl host_10armv6 hdr_dom(host) -i 10armv6.anongoth.pl ## figure out which one to use use_backend phpsysinfo if host_phpsysinfo use_backend owncloud if host_owncloud use_backend roundcube if host_roundcube use_backend 10amd64 if host_10amd64 use_backend 10armv6 if host_10armv6 # redirect scheme https code 301 if !{ ssl_fc } frontend https-in #option httplog #option forwardfor #option http-server-close #option httpclose #http-response set-header Strict-Transport-Security "max-age=16000000; includeSubDomains; preload;" #http-response set-header Public-Key-Pins: "pin-sha256="1Pw5h93NOsPw6j/vaTYl5VvW9cmtuZXtNP3cVz10hKo="; max-age=15768000; includeSubDomains" #bind 192.168.11.3:443 ssl crt /usr/local/etc/haproxy.pem ciphers AES256+EECDH:AES256+EDH force-tlsv12 no-sslv3 bind 192.168.11.3:443 ssl crt /usr/local/etc/haproxy.pem acl host_phpsysinfo hdr_dom(host) -i phpsysinfo.anongoth.pl acl host_owncloud hdr_dom(host) -i owncloud.anongoth.pl acl host_roundcube hdr_dom(host) -i roundcube.anongoth.pl acl host_10amd64 hdr_dom(host) -i 10amd64.anongoth.pl acl host_10armv6 hdr_dom(host) -i 10armv6.anongoth.pl ## figure out which one to use use_backend phpsysinfo if host_phpsysinfo use_backend owncloud if host_owncloud use_backend roundcube if host_roundcube use_backend 10amd64 if host_10amd64 use_backend 10armv6 if host_10armv6 backend 10amd64 server node1 192.168.11.3:81 backend 10armv6 server node1 192.168.11.3:81 backend phpsysinfo server node1 192.168.11.3:81 backend owncloud server node1 192.168.11.14:80 backend roundcube server node1 192.168.1.101:80 With that, I can tell that the issue is about HTTPS section. HTTP connection through Haproxy goes fine, but HTTPS still has a problem. I've also got regular Haproxy logs, I'm not sure if they can help diagnose the problem: Nov 19 15:04:58 anongoth haproxy[11792]: 46.248.161.165:54997 [19/Nov/2015:15:04:52.559] https-in owncloud/node1 5900/0/0/0/5901 200 319 - - ---- 2/2/0/1/0 0/0 "GET /core/css/images/ui-bg_flat_35_1d2d44_40x100.png HTTP/1.1" Nov 19 15:04:58 anongoth haproxy[11792]: 46.248.161.165:54996 [19/Nov/2015:15:04:52.555] https-in owncloud/node1 5911/0/0/1/5912 200 323 - - ---- 2/2/0/1/0 0/0 "GET /core/css/images/ui-bg_highlight-soft_100_eeeeee_1x100.png HTTP/1.1" Nov 19 15:05:00 anongoth haproxy[11792]: 46.248.161.165:54997 [19/Nov/2015:15:04:58.459] https-in owncloud/node1 27/0/0/1876/1931 200 1076 - - ---- 3/3/0/1/0 0/0 "POST /index.php/apps/files/ajax/upload.php HTTP/1.1" Nov 19 15:05:00 anongoth haproxy[11792]: 46.248.161.165:54997 [19/Nov/2015:15:05:00.390] https-in owncloud/node1 61/0/0/0/111 200 2642 - - ---- 3/3/0/1/0 0/0 "GET /core/img/filetypes/application-pdf.svg HTTP/1.1" Nov 19 15:05:01 anongoth haproxy[11792]: 46.248.161.165:54997 [19/Nov/2015:15:05:00.501] https-in owncloud/node1 221/0/1/372/615 200 862 - - ---- 3/3/0/1/0 0/0 "GET /index.php/apps/files/ajax/getstoragestats.php?dir=%2F HTTP/1.1" Nov 19 15:05:04 anongoth haproxy[11792]: 46.248.161.165:55053 [19/Nov/2015:15:04:58.506] https-in https-in/<NOSRV> -1/-1/-1/-1/5660 400 187 - - CR-- 2/2/0/0/0 0/0 "<BADREQ>" Now, about RSA vs ECDSA. I simply don't trust ECDSA. There are quite a lot of questions about constants used by ECDSA, which seem to be chosen quite arbitrarily by its creator, which happens to be NSA. These questions of course remain unanswered. Even respected scientists like Schneier say that RSA should be used instead (see https://www.schneier.com/blog/archives/2013/09/the_nsa_is_brea.html#c167 5929 ). When I'm done setting my HTTP(S) services, I'll simply limit incoming connections connections on my firewall so DDOS'ing won't be possible, unless you DDOS my firewall :) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQIcBAEBCAAGBQJWTeCTAAoJEC9nKukRsfY+DagQANH+B/DXl320i+hBl8R8v/Bs GMDJLiWIxY8jjCoXlVdnOLoSY5lHUvnRQ+fMYiaTgskj+owYWYr9vVUZ3UPAKOQE kJk4czgbqyt/K7ezIxMd8QwOZNHiLHIvWEYdybKx9AExBwYh1dSnx6dHNnBYE/ns fViZ+K8M3p/EdZZmt/ToZ6AbxVs5UcrC0oGdkYtPH7s0gkGXmVM4IX5PJlJ8Pj3P ixcV7v9i+Fxx/lAhd3Q476ZHEAP5Dy3G6u6Cb83phKUNfaGxB9eeEvOBYI+1WB2O 8lHxwozHip5UlembMT79uW11FVNybNbwFWBF+U7VZdpgqjb1525gTRJCj+Tong5x q6Nztea8IOhhuJIkMOPTah5bsy3Mn4IR4IvsiL/SZ/OHF5ZflO9e4PHEeUZLd5Xj 5H4/J3pW04U7xB1kdS7WOjkohOnMdc3HvdeYQmsDCXKAty5WFhUjl5x1FhXbcsEU GOMG/utCIAOHItD6MG1sF+s4LhdCMkLddiPcpIVs2EX3BhrfmDbOCYq40A0EDE6T +Da5C8VC77e9QDT+9w5pOaxEYKw5A2iT5qhHjiSeJx8glYy6Lmz6hSuaWz4AaLu+ gmDwr2ETa0vFF8ai8O66n1p20sLiF4V6gNtIu7DQin/wP7AdVzXNsXBRcu2ZtpGo 6HDXjsf58EftkwtkakpI =9ysy -----END PGP SIGNATURE-----