thomas
/
sovereign
Watch 1
Star 0
Fork 0
Code Issues 0 Pull Requests 0 Releases 0 Wiki Activity
Browse Source

Disable SSLv3 in all Apache vhosts

Patrick O'Doherty 10 years ago
parent
a4c72d429b
commit
6f6fc6a90f
8 changed files with 8 additions and 8 deletions
Unified View Show Diff Stats
  1. 1
    1
      roles/blog/templates/etc_apache2_sites-available_blog.j2
  2. 1
    1
      roles/git/templates/etc_apache2_sites-available_cgit.j2
  3. 1
    1
      roles/mailserver/templates/etc_apache2_sites-available_autoconfig.j2
  4. 1
    1
      roles/newebe/templates/etc_apache2_sites-available_newebe.j2
  5. 1
    1
      roles/news/templates/etc_apache2_sites-available_selfoss.j2
  6. 1
    1
      roles/owncloud/templates/etc_apache2_sites-available_owncloud.j2
  7. 1
    1
      roles/readlater/templates/etc_apache2_sites-available_wallabag.j2
  8. 1
    1
      roles/webmail/templates/etc_apache2_sites-available_roundcube.j2

+ 1
- 1
roles/blog/templates/etc_apache2_sites-available_blog.j2 View File

11 
     ServerAlias www.{{ domain }}
 11 
     ServerAlias www.{{ domain }}
12
12
13 
     SSLEngine on
 13 
     SSLEngine on
14 
-    SSLProtocol ALL -SSLv2
14 
+    SSLProtocol ALL -SSLv2 -SSLv3
15 
     SSLHonorCipherOrder On
 15 
     SSLHonorCipherOrder On
16 
     SSLCipherSuite ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AES:RSA+3DES:!ADH:!AECDH:!MD5:!DSS
 16 
     SSLCipherSuite ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AES:RSA+3DES:!ADH:!AECDH:!MD5:!DSS
17 
     SSLCertificateFile      /etc/ssl/certs/wildcard_public_cert.crt
 17 
     SSLCertificateFile      /etc/ssl/certs/wildcard_public_cert.crt

+ 1
- 1
roles/git/templates/etc_apache2_sites-available_cgit.j2 View File

8 
     ServerName {{ cgit_domain }}
 8 
     ServerName {{ cgit_domain }}
9
9
10 
     SSLEngine on
 10 
     SSLEngine on
11 
-    SSLProtocol ALL -SSLv2
11 
+    SSLProtocol ALL -SSLv2 -SSLv3
12 
     SSLHonorCipherOrder On
 12 
     SSLHonorCipherOrder On
13 
     SSLCipherSuite ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AES:RSA+3DES:!ADH:!AECDH:!MD5:!DSS
 13 
     SSLCipherSuite ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AES:RSA+3DES:!ADH:!AECDH:!MD5:!DSS
14 
     SSLCertificateFile      /etc/ssl/certs/wildcard_public_cert.crt
 14 
     SSLCertificateFile      /etc/ssl/certs/wildcard_public_cert.crt

+ 1
- 1
roles/mailserver/templates/etc_apache2_sites-available_autoconfig.j2 View File

19 
     ServerName {{ mail_server_autoconfig_hostname }}
 19 
     ServerName {{ mail_server_autoconfig_hostname }}
20
20
21 
     SSLEngine on
 21 
     SSLEngine on
22 
-    SSLProtocol ALL -SSLv2
22 
+    SSLProtocol ALL -SSLv2 -SSLv3
23 
     SSLHonorCipherOrder On
 23 
     SSLHonorCipherOrder On
24 
     SSLCipherSuite ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AES:RSA+3DES:!ADH:!AECDH:!MD5:!DSS
 24 
     SSLCipherSuite ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AES:RSA+3DES:!ADH:!AECDH:!MD5:!DSS
25 
     SSLCertificateFile      /etc/ssl/certs/wildcard_public_cert.crt
 25 
     SSLCertificateFile      /etc/ssl/certs/wildcard_public_cert.crt

+ 1
- 1
roles/newebe/templates/etc_apache2_sites-available_newebe.j2 View File

9 
     ServerName {{ newebe_domain }}
 9 
     ServerName {{ newebe_domain }}
10 
     SSLEngine On
 10 
     SSLEngine On
11
11
12 
-    SSLProtocol ALL -SSLv2
12 
+    SSLProtocol ALL -SSLv2 -SSLv3
13 
     SSLHonorCipherOrder On
 13 
     SSLHonorCipherOrder On
14 
     SSLCipherSuite ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AES:RSA+3DES:!ADH:!AECDH:!MD5:!DSS
 14 
     SSLCipherSuite ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AES:RSA+3DES:!ADH:!AECDH:!MD5:!DSS
15 
     SSLCertificateFile /etc/ssl/certs/wildcard_public_cert.crt
 15 
     SSLCertificateFile /etc/ssl/certs/wildcard_public_cert.crt

+ 1
- 1
roles/news/templates/etc_apache2_sites-available_selfoss.j2 View File

8 
     ServerName {{ selfoss_domain }}
 8 
     ServerName {{ selfoss_domain }}
9
9
10 
     SSLEngine on
 10 
     SSLEngine on
11 
-    SSLProtocol ALL -SSLv2
11 
+    SSLProtocol ALL -SSLv2 -SSLv3
12 
     SSLHonorCipherOrder On
 12 
     SSLHonorCipherOrder On
13 
     SSLCipherSuite ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AES:RSA+3DES:!ADH:!AECDH:!MD5:!DSS
 13 
     SSLCipherSuite ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AES:RSA+3DES:!ADH:!AECDH:!MD5:!DSS
14 
     SSLCertificateFile      /etc/ssl/certs/wildcard_public_cert.crt
 14 
     SSLCertificateFile      /etc/ssl/certs/wildcard_public_cert.crt

+ 1
- 1
roles/owncloud/templates/etc_apache2_sites-available_owncloud.j2 View File

8 
     ServerName {{ owncloud_domain }}
 8 
     ServerName {{ owncloud_domain }}
9
9
10 
     SSLEngine on
 10 
     SSLEngine on
11 
-    SSLProtocol ALL -SSLv2
11 
+    SSLProtocol ALL -SSLv2 -SSLv3
12 
     SSLHonorCipherOrder On
 12 
     SSLHonorCipherOrder On
13 
     SSLCipherSuite ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AES:RSA+3DES:!ADH:!AECDH:!MD5:!DSS
 13 
     SSLCipherSuite ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AES:RSA+3DES:!ADH:!AECDH:!MD5:!DSS
14 
     SSLCertificateFile      /etc/ssl/certs/wildcard_public_cert.crt
 14 
     SSLCertificateFile      /etc/ssl/certs/wildcard_public_cert.crt

+ 1
- 1
roles/readlater/templates/etc_apache2_sites-available_wallabag.j2 View File

8 
     ServerName {{ wallabag_domain }}
 8 
     ServerName {{ wallabag_domain }}
9
9
10 
     SSLEngine on
 10 
     SSLEngine on
11 
-    SSLProtocol ALL -SSLv2
11 
+    SSLProtocol ALL -SSLv2 -SSLv3
12 
     SSLHonorCipherOrder On
 12 
     SSLHonorCipherOrder On
13 
     SSLCipherSuite ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AES:RSA+3DES:!ADH:!AECDH:!MD5:!DSS
 13 
     SSLCipherSuite ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AES:RSA+3DES:!ADH:!AECDH:!MD5:!DSS
14 
     SSLCertificateFile      /etc/ssl/certs/wildcard_public_cert.crt
 14 
     SSLCertificateFile      /etc/ssl/certs/wildcard_public_cert.crt

+ 1
- 1
roles/webmail/templates/etc_apache2_sites-available_roundcube.j2 View File

8 
     ServerName {{ webmail_domain }}
 8 
     ServerName {{ webmail_domain }}
9
9
10 
     SSLEngine on
 10 
     SSLEngine on
11 
-    SSLProtocol ALL -SSLv2
11 
+    SSLProtocol ALL -SSLv2 -SSLv3
12 
     SSLHonorCipherOrder On
 12 
     SSLHonorCipherOrder On
13 
     SSLCipherSuite ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AES:RSA+3DES:!ADH:!AECDH:!MD5:!DSS
 13 
     SSLCipherSuite ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AES:RSA+3DES:!ADH:!AECDH:!MD5:!DSS
14 
     SSLCertificateFile      /etc/ssl/certs/wildcard_public_cert.crt
 14 
     SSLCertificateFile      /etc/ssl/certs/wildcard_public_cert.crt

Write Preview
Loading…
Cancel
Save