Following on from my previous post, there are some further updates you can make to your Apache configuration to improve the ciphers used between server and client.Continue reading “Further hardening steps for Apache TLS configurations”
Continue reading “Disabling SSLv3, TLS 1.0 and TLS 1.1 in Ubuntu 18.04 (Bionic) Apache”
It’s best practice to configure Apache to use a suitable TLS configuration. Ubuntu uses “available” and “enabled” directories to switch functionality on and off for this and other settings, located under “/etc/apache2”.
In this brief blog post, I wanted to run through the steps needed to configure Apache to use SSL and TLS. I will also discuss the importance of configuring the apache cryptosystem correctly, by disabling less preferable protocol versions due to a variety of security concerns (SSL 2.0, SSL 3.0, and TLS 1.0).Continue reading “Configuring Apache to use TLS 1.2”