backing up shopserver1p apache config
[eostre.git] / drupal-configs / apache2 / conf-enabled / ssl.conf
1 # File managed by ansible, do not edit
2 #https://cipherli.st/
3
4 SSLCipherSuite EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH
5 SSLProtocol All -SSLv2 -SSLv3 -TLSv1 -TLSv1.1
6 SSLHonorCipherOrder On
7 Header always set Strict-Transport-Security "max-age=63072000; includeSubDomains; preload"
8 Header always set X-Frame-Options sameorigin
9 Header always set X-Content-Type-Options nosniff
10 # Requires Apache >= 2.4
11 SSLCompression off 
12
13 #SSLUseStapling on 
14 #SSLStaplingCache shmcb:${APACHE_RUN_DIR}/ssl_stapling_cache(128000)
15 #SSLStaplingResponderTimeout 5
16 #SSLStaplingFakeTryLater off
17 #SSLStaplingReturnResponderErrors off
18 #SSLStaplingForceURL http://serverproxy0p.fsf.org:8001
19
20 # Requires Apache >= 2.4.11
21 SSLSessionTickets Off
22
23 # https://weakdh.org/sysadmin.html
24 # Requires Apache >= 2.4.8
25 SSLOpenSSLConfCmd DHParameters "/etc/ssl/private/dhparams.pem"