2013-12-18
Using SSL should secure your services, b ...
Using SSL should secure your services, but it needs to be configured correctly to avoid several attacks and keep the chances low that third parties can decrypt the traffic. With the SSL Server test from Qualys SSL Labs you can check the intimate details of your https SSL configuration. And when you wonder what to use to improve your score when using Apache mod_ssl, here is a configuration snippet shared by the right people at Tilburg University:SSLEngine on SSLProtocol all -SSLv2 # advies Wessel Dankers kub SSLHonorCipherOrder on SSLCipherSuite ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-SHA256:AES256-GCM-SHA384:AES256-SHA256:ECDHE-RSA-RC4-SHA:ECDHE-RSA-AES256-SHA:RC4-SHA:AES256-SHA:AES128-SHA:DES-CBC3-SHA