"nginx does not suck at ssl"
Mark Alan
m6rkalan at gmail.com
Mon Mar 11 08:41:31 UTC 2013
On Sat, 9 Mar 2013 21:55:13 -0800, Grant <emailgrant at gmail.com> wrote:
> After reading "nginx does not suck at ssl":
>
> http://matt.io/entry/ur
>
> I'm using:
>
> ssl_ciphers
> ALL:!aNULL:!ADH:!eNULL:!MEDIUM:!LOW:!EXP:!kEDH:RC4+RSA:+HIGH;
Some of us use the following to mitigate BEAST attacks:
ssl_ciphers ECDHE-RSA-AES128-SHA256:AES128-GCM-SHA256:RC4:HIGH:!aNULL:!MD5:!EDH;
r.
M.
More information about the nginx
mailing list