"nginx does not suck at ssl"

Mark Alan m6rkalan at gmail.com
Mon Mar 11 08:41:31 UTC 2013


On Sat, 9 Mar 2013 21:55:13 -0800, Grant <emailgrant at gmail.com> wrote:
> After reading "nginx does not suck at ssl":
> 
> http://matt.io/entry/ur
> 
> I'm using:
> 
> ssl_ciphers
> ALL:!aNULL:!ADH:!eNULL:!MEDIUM:!LOW:!EXP:!kEDH:RC4+RSA:+HIGH;

Some of us use the following to mitigate BEAST attacks:
ssl_ciphers ECDHE-RSA-AES128-SHA256:AES128-GCM-SHA256:RC4:HIGH:!aNULL:!MD5:!EDH;

r.

M.



More information about the nginx mailing list