Forum » Operacijski sistemi » Qualys SSL test | config, F sites
Qualys SSL test | config, F sites
HotBurek ::
Pozdravljeni.
Zanima me, če uporabljate Qualys SSL za testiranje postavitve https strežnika, kakšen config uporabljate, ter kakšne F rated strani ste že našli.
4x 100% config za nginx 1.15.8:
Rezultat:
https://www.ssllabs.com/ssltest/analyze...
https://www.ssllabs.com/ssltest/analyze...
Zanima me, če uporabljate Qualys SSL za testiranje postavitve https strežnika, kakšen config uporabljate, ter kakšne F rated strani ste že našli.
4x 100% config za nginx 1.15.8:
server { listen 127.0.0.1:443 http2 ssl; server_name example.com; server_tokens off; add_header Strict-Transport-Security 'max-age=31536000; includeSubDomains; preload' always; add_header X-Frame-Options SAMEORIGIN; add_header X-Content-Type-Options nosniff; add_header X-XSS-Protection "1; mode=block"; root /var/www/html/example.com/; ssl_certificate /var/certificates/example.com.pem; ssl_certificate_key /var/certificates/example.com.key; ssl_protocols TLSv1.2; ssl_prefer_server_ciphers on; ssl_ciphers 'AES256+EECDH:AES256+EDH:!aNULL'; ssl_session_cache shared:TLS:2m; ssl_buffer_size 4k; ssl_stapling on; ssl_stapling_verify on; resolver 193.2.1.72 193.2.1.66 valid=300s; resolver_timeout 5s; ssl_ecdh_curve secp384r1; ssl_dhparam /etc/nginx/dhparam.pem; location / { try_files $uri /index.html =404; } access_log /var/log/nginx/example.com/access-https.log; error_log /var/log/nginx/example.com/error-https.log; }
Rezultat:
https://www.ssllabs.com/ssltest/analyze...
https://www.ssllabs.com/ssltest/analyze...
root@debian:/# iptraf-ng
fatal: This program requires a screen size of at least 80 columns by 24 lines
Please resize your window
fatal: This program requires a screen size of at least 80 columns by 24 lines
Please resize your window
Vredno ogleda ...
Tema | Ogledi | Zadnje sporočilo | |
---|---|---|---|
Tema | Ogledi | Zadnje sporočilo | |
» | Javascript DOM based XSS vulnerabilityOddelek: Programiranje | 2869 (2291) | MrStein |
» | Firefox mi ne dovoli dostopa do NLB KlikOddelek: Informacijska varnost | 9313 (6616) | Twixz |
» | Nginx ne pošlje vseh HTTP headerjevOddelek: Izdelava spletišč | 1183 (1050) | BaRtMaN |
» | Slo tech nepodprt protokolOddelek: Pomoč in nasveti | 1281 (1198) | gapoking |
» | UKC Ljubljana kot nova slovenska potemkinova vas za blagor narodaOddelek: Novice / Varnost | 9604 (6792) | Saul Goodman |