mirror of
https://github.com/certbot/certbot.git
synced 2026-03-27 12:53:05 -04:00
24 lines
752 B
Text
24 lines
752 B
Text
# Baseline setting to Include for SSL sites
|
|
|
|
SSLEngine On
|
|
SSLProtocol -all +SSLv3 +TLSv1
|
|
SSLCipherSuite HIGH:!aNULL:!ADH:!EXP:!SSLv2:!MD5:@STRENGTH
|
|
SSLHonorCipherOrder on
|
|
|
|
ServerSignature Off
|
|
AcceptPathInfo Off
|
|
AddOutputFilterByType DEFLATE text/html text/plain text/xml application/pdf
|
|
AddDefaultCharset UTF-8
|
|
|
|
SSLOptions +StrictRequire
|
|
|
|
# Add vhost name to log entries:
|
|
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-agent}i\"" vhost_combined
|
|
LogFormat "%v %h %l %u %t \"%r\" %>s %b" vhost_common
|
|
|
|
CustomLog /var/log/apache2/access.log vhost_combined
|
|
LogLevel warn
|
|
ErrorLog /var/log/apache2/error.log
|
|
|
|
# Always ensure Cookies have "Secure" set (JAH 2012/1)
|
|
#Header edit Set-Cookie (?i)^(.*)(;\s*secure)??((\s*;)?(.*)) "$1; Secure$3$4"
|