From: Ismaƫl Bouya Date: Mon, 27 Apr 2020 23:40:53 +0000 (+0200) Subject: Add comment about ssl testing X-Git-Url: https://git.immae.eu/?p=perso%2FImmae%2FConfig%2FNix.git;a=commitdiff_plain;h=41521c75a22ecdbf87f1e3139ba8d0877ac7915b Add comment about ssl testing --- diff --git a/modules/websites/default.nix b/modules/websites/default.nix index 837d838..0a78c13 100644 --- a/modules/websites/default.nix +++ b/modules/websites/default.nix @@ -201,6 +201,7 @@ in logPerVirtualHost = true; multiProcessingModule = "worker"; # https://ssl-config.mozilla.org/#server=apache&version=2.4.41&config=intermediate&openssl=1.0.2t&guideline=5.4 + # test with https://www.ssllabs.com/ssltest/analyze.html?d=www.immae.eu&s=176.9.151.154&latest sslProtocols = "all -SSLv3 -TLSv1 -TLSv1.1"; sslCiphers = builtins.concatStringsSep ":" [ "ECDHE-ECDSA-AES128-GCM-SHA256" "ECDHE-RSA-AES128-GCM-SHA256"