Loading...

HOME All Categories Weak SSL C...

Weak SSL Cipher在Apache中禁用過時的SSL / TLS版本

Temperature: 0 °C

Mark ChangMark Chang
author_tools

使用vi(或vim)編輯ssl.conf (通常位於/etc/httpd/conf.d/底下)

查詢SSL Protocol support

# SSL Protocol support:

# List the enable protocol levels with which clients will be able to

# connect. Disable SSLv2 access by default:

SSLProtocol all -SSLv2 -SSLv3

註解掉SSLProtocol all -SSLv2 -SSLv3

添加
SSLProtocol all -SSLv2 -SSLv3 -TLSv1 -TLSv1.1

往下拉底下SSL Cipher Suite部分也一併處理
# SSL Cipher Suite:

# List the ciphers that the client is permitted to negotiate.

# See the mod_ssl documentation for a complete list.

SSLCipherSuite HIGH:MEDIUM:!aNULL:!MD5:!SEED:!IDEA

註解掉SSLCipherSuite HIGH:MEDIUM:!aNULL:!MD5:!SEED:!IDEA
添加
SSLCipherSuite HIGH:!aNULL:!MD5:!3DES

SSLHonorCipherOrder on

最後~保存文件並重新啟動Apache

以上紀錄

https://innstory.com/story-Weak_SSL_Cipher在Apache中禁用過時的SSL__TLS版本-2097
Linux

Prev
 WordPress如何關閉迴響留言功能

Next
分享_成功人士剛起步時和一般人的差異並不大!現代網路之父安德森給 

About the Author

Mark Chang

離不開電腦的宅男

Visitor message

Leave some footprints to prove that you visited me

Recommended reading

Author's other related stories

41是一個甚麼數字啊

41是一個甚麼數字啊

今早看了環南市場快訊 感覺還有一段日子要熬

使用.htaccess中更改session.name

使用.htaccess中更改...

session固定攻擊 session的默認名稱是PHPSESSID,此變量會保存在cookie中。...

嘰嘰喳喳

嘰嘰喳喳

為什麼突然覺得iphone跟ie一樣討厭⊙⊙

Please select an option

error

Hi, thank you for your participation, but you cannot vote repeatedly~

Join innstory now and start recording your story.

"Innstory" is a place to store stories. We are committed to becoming a warm platform. Deepening the bonds between people is our direction.
We are convinced that the blockchain between people is not just a cold calculation. Join us now.

Wrong format