aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--modules/websites/default.nix1
1 files changed, 1 insertions, 0 deletions
diff --git a/modules/websites/default.nix b/modules/websites/default.nix
index 837d838..0a78c13 100644
--- a/modules/websites/default.nix
+++ b/modules/websites/default.nix
@@ -201,6 +201,7 @@ in
201 logPerVirtualHost = true; 201 logPerVirtualHost = true;
202 multiProcessingModule = "worker"; 202 multiProcessingModule = "worker";
203 # https://ssl-config.mozilla.org/#server=apache&version=2.4.41&config=intermediate&openssl=1.0.2t&guideline=5.4 203 # https://ssl-config.mozilla.org/#server=apache&version=2.4.41&config=intermediate&openssl=1.0.2t&guideline=5.4
204 # test with https://www.ssllabs.com/ssltest/analyze.html?d=www.immae.eu&s=176.9.151.154&latest
204 sslProtocols = "all -SSLv3 -TLSv1 -TLSv1.1"; 205 sslProtocols = "all -SSLv3 -TLSv1 -TLSv1.1";
205 sslCiphers = builtins.concatStringsSep ":" [ 206 sslCiphers = builtins.concatStringsSep ":" [
206 "ECDHE-ECDSA-AES128-GCM-SHA256" "ECDHE-RSA-AES128-GCM-SHA256" 207 "ECDHE-ECDSA-AES128-GCM-SHA256" "ECDHE-RSA-AES128-GCM-SHA256"