]> git.pld-linux.org Git - packages/lighttpd.git/commitdiff
projects / packages / lighttpd.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 5f5b97e)
- mitigate against BEAST attacks, see https://redmine.lighttpd.net/issues/2364
authorElan Ruusamäe <glen@pld-linux.org>
Mon, 19 Dec 2011 14:40:50 +0000 (14:40 +0000)
committercvs2git <feedback@pld-linux.org>
Sun, 24 Jun 2012 12:13:13 +0000 (12:13 +0000)
Changed files:
    lighttpd-ssl.conf -> 1.4

lighttpd-ssl.conf patch | blob | blame | history

diff --git a/lighttpd-ssl.conf b/lighttpd-ssl.conf
index 329c32b424488af5a9460d5fc202e853f25b5dcf..aabab2120366f71fab2b4e8225f46aef7612b14d 100644 (file)
--- a/lighttpd-ssl.conf
+++ b/lighttpd-ssl.conf
@@ -2,6 +2,10 @@
 #
 # Documentation: http://redmine.lighttpd.net/projects/lighttpd/wiki/Docs:SSL
 
+# mitigate against BEAST attacks
+# http://blog.ivanristic.com/2011/10/mitigating-the-beast-attack-on-tls.html
+#ssl.cipher-list = "ECDHE-RSA-AES256-SHA384:AES256-SHA256:RC4-SHA:RC4:HIGH:!MD5:!aNULL:!EDH:!AESGCM"
+
 $SERVER["socket"] == ":443" {
        ssl.engine = "enable"
        ssl.pemfile = "/etc/lighttpd/server.pem"
Fast and light HTTP server
This page took 0.055475 seconds and 4 git commands to generate.