1 files changed, 1 insertions, 0 deletions
diff --git a/modules/websites/default.nix b/modules/websites/default.nix
index 837d838..0a78c13 100644
--- a/modules/websites/default.nix
+++ b/modules/websites/default.nix
@@ -201,6 +201,7 @@ in
      logPerVirtualHost = true;
      multiProcessingModule = "worker";
      # https://ssl-config.mozilla.org/#server=apache&version=2.4.41&config=intermediate&openssl=1.0.2t&guideline=5.4
+      # test with https://www.ssllabs.com/ssltest/analyze.html?d=www.immae.eu&s=176.9.151.154&latest
      sslProtocols = "all -SSLv3 -TLSv1 -TLSv1.1";
      sslCiphers = builtins.concatStringsSep ":" [
        "ECDHE-ECDSA-AES128-GCM-SHA256" "ECDHE-RSA-AES128-GCM-SHA256"

diff --git a/modules/websites/default.nix b/modules/websites/default.nix index 837d838..0a78c13 100644 --- a/modules/websites/default.nix +++ b/modules/websites/default.nix
@@ -201,6 +201,7 @@ in
201	logPerVirtualHost = true;	201	logPerVirtualHost = true;
202	multiProcessingModule = "worker";	202	multiProcessingModule = "worker";
203	# https://ssl-config.mozilla.org/#server=apache&version=2.4.41&config=intermediate&openssl=1.0.2t&guideline=5.4	203	# https://ssl-config.mozilla.org/#server=apache&version=2.4.41&config=intermediate&openssl=1.0.2t&guideline=5.4
		204	# test with https://www.ssllabs.com/ssltest/analyze.html?d=www.immae.eu&s=176.9.151.154&latest
204	sslProtocols = "all -SSLv3 -TLSv1 -TLSv1.1";	205	sslProtocols = "all -SSLv3 -TLSv1 -TLSv1.1";
205	sslCiphers = builtins.concatStringsSep ":" [	206	sslCiphers = builtins.concatStringsSep ":" [
206	"ECDHE-ECDSA-AES128-GCM-SHA256" "ECDHE-RSA-AES128-GCM-SHA256"	207	"ECDHE-ECDSA-AES128-GCM-SHA256" "ECDHE-RSA-AES128-GCM-SHA256"