LinuxQuestions.org
Latest LQ Deal: Latest LQ Deals
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Software
User Name
Password
Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.

Notices


Reply
  Search this Thread
Old 08-10-2017, 10:10 AM   #1
chanlan3005
LQ Newbie
 
Registered: May 2017
Posts: 7

Rep: Reputation: Disabled
what cipher should be enabled in apache


I use apache 2.x as web server , I know there are many cipher can be enabled , I just would like to know which cipher should be enabled or suitable to enabled nowaday ? thanks

http://httpd.apache.org/docs/2.0/mod...sslciphersuite
 
Old 08-10-2017, 11:14 AM   #2
Habitual
LQ Veteran
 
Registered: Jan 2011
Location: Abingdon, VA
Distribution: Catalina
Posts: 9,374
Blog Entries: 37

Rep: Reputation: Disabled
I can't answer, but this sticks out from your reference:
Code:
Default:	SSLCipherSuite ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP
Found some crunchy reading material at https://hynek.me/articles/hardening-...s-ssl-ciphers/
from a generic
Code:
sslciphers in use today
search engine query.

Ack. Damn you for bringing it up
Now I'm wondering also.

and some recent historical context?
Now that it is 2015, what SSL/TLS cipher suites should be used in a high security HTTPS environment?

Last edited by Habitual; 08-10-2017 at 11:16 AM.
 
Old 08-11-2017, 08:50 AM   #3
AwesomeMachine
LQ Guru
 
Registered: Jan 2005
Location: USA and Italy
Distribution: Debian testing/sid; OpenSuSE; Fedora; Mint
Posts: 5,513

Rep: Reputation: 1010Reputation: 1010Reputation: 1010Reputation: 1010Reputation: 1010Reputation: 1010Reputation: 1010Reputation: 1010
You should just use at least a 128-bit cipher. AES-128 and AES-256 are very good. Triple DES is on the way out.
 
1 members found this post helpful.
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Apache + mod_fcgid + mod_security with chroot enabled. compix Linux - Server 1 06-17-2013 11:36 PM
How do you change cipher list order with openssl cipher command? markseger Linux - Security 1 03-20-2013 04:45 AM
[SOLVED] [Apache] Is this a correct sites-enabled entry? earthw0rmjim Linux - Server 2 09-15-2012 02:34 PM
Apache 2.2.14 ignores SSL Cipher in Virtual Host Jukas Linux - Server 5 03-02-2010 04:44 PM
RH8/Apache - PHP installed but not enabled(?) bkeating Linux - Software 3 12-05-2002 12:10 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Software

All times are GMT -5. The time now is 10:24 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration