what cipher should be enabled in apache
I use apache 2.x as web server , I know there are many cipher can be enabled , I just would like to know which cipher should be enabled or suitable to enabled nowaday ? thanks
http://httpd.apache.org/docs/2.0/mod...sslciphersuite |
I can't answer, but this sticks out from your reference:
Code:
Default: SSLCipherSuite ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP from a generic Code:
sslciphers in use today Ack. Damn you for bringing it up ;) Now I'm wondering also. and some recent historical context? Now that it is 2015, what SSL/TLS cipher suites should be used in a high security HTTPS environment? |
You should just use at least a 128-bit cipher. AES-128 and AES-256 are very good. Triple DES is on the way out.
|
All times are GMT -5. The time now is 10:10 AM. |