SSL ciphers, disable or not to disable RC4?

Lukas Tribus luky-37 at hotmail.com
Thu Jan 9 09:53:03 UTC 2014


Hi,


> My current values in my nginx configuration for ssl_protocols/ciphers
> what i use is this:
>
> ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
> ssl_ciphers RC4:HIGH:!aNULL:!MD5;
> ssl_prefer_server_ciphers on;
>
> What are todays recommendations for ssl_ciphers option for supporting
> all current OSes and browsers, even Windows XP users with IE?
> Can i disable RC4?

Personally, I'm following Mozillas deployment recommendations:
https://wiki.mozilla.org/Security/Server_Side_TLS



Regards,

Lukas 		 	   		  


More information about the nginx mailing list