Apache Howto - Perfect SSL Security

Apache Howto - Perfect SSL Security

Posted by Peter Bassill on 17/12/2018

I often get asked for the best way to ensure perfect A or A+ level of SSL security on Apache web servers. So to answer that particular question, here is how I go it.Firstly, adding the following to /etc/apache/config-available/security.conf to ensure the SSL security across all virtual hosts:<IfModule mod_ssl.c> SSLCipherSuite EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH SSLProtocol All -SSLv2 -SSLv3 -TLSv1 -TLSv1.1 SSLHonorCipherOrder On SSLCompression off</IfModule>Once you have added this to the config file, just restart apache and boom, security.

Contact us

  • Worklab, Europort, Gibraltar

  • +350 540 73836

  • hello@wearehedgehog.com