]> git.pld-linux.org Git - packages/pound.git/commitdiff
projects / packages / pound.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (from parent 1: 95d418a)
better https defaults
authorElan Ruusamäe <glen@delfi.ee>
Mon, 29 Feb 2016 08:14:31 +0000 (10:14 +0200)
committerElan Ruusamäe <glen@delfi.ee>
Mon, 29 Feb 2016 08:14:31 +0000 (10:14 +0200)
pound.cfg patch | blob | blame | history

diff --git a/pound.cfg b/pound.cfg
index 65785f063da88411654ff4c4bb78dfe3722718e5..f058d33015182b06998929a32ece39d7f22d9039 100644 (file)
--- a/pound.cfg
+++ b/pound.cfg
@@ -35,6 +35,13 @@ ListenHTTPS
        Address 0.0.0.0
        Port 443
        Cert "/etc/pki/pound.pem"
+
+       Disable SSLv3
+       SSLAllowClientRenegotiation 0
+       SSLHonorCipherOrder 1
+       Ciphers "ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:AES256-SHA256:!RC4:HIGH:!MD5:!aNULL:!EDH:!AESGCM"
+       AddHeader  "HTTPS: on"
+       RewriteLocation 0
 End
 
 Service
Pound - reverse-proxy and load-balancer
This page took 0.025818 seconds and 4 git commands to generate.