Chmarkine has uploaded a new change for review. https://gerrit.wikimedia.org/r/169978
Change subject: lists - disable SSLv3 ...................................................................... lists - disable SSLv3 This will not disable SSLv3 on lists.wikimedia.org for now, because we are using lighttpd/1.4.26, but disabling SSLv3 was not supported until 1.4.29. (http://www.lighttpd.net/2011/7/3/1-4-29/) Nevertheless, I think it's a good idea to update the configuation, so that when we update the server, it will take effect immediately. Change-Id: I56282aa31b26f69350cf1743c5b46de3715e98a8 --- M files/lighttpd/50-mailman.conf 1 file changed, 1 insertion(+), 0 deletions(-) git pull ssh://gerrit.wikimedia.org:29418/operations/puppet refs/changes/78/169978/1 diff --git a/files/lighttpd/50-mailman.conf b/files/lighttpd/50-mailman.conf index 04785fa..64d4bf8 100644 --- a/files/lighttpd/50-mailman.conf +++ b/files/lighttpd/50-mailman.conf @@ -38,6 +38,7 @@ ssl.pemfile = "/etc/ssl/private/lists.wikimedia.org.pem" ssl.ca-file = "/etc/ssl/certs/RapidSSL_CA.pem" # TODO: with 1.4.30, set cipher lists, disable client renegotiation + ssl.use-sslv3 = "disable" url.redirect = ( "^/(index\.html?)?$" => "https://lists.wikimedia.org/mailman/listinfo";, -- To view, visit https://gerrit.wikimedia.org/r/169978 To unsubscribe, visit https://gerrit.wikimedia.org/r/settings Gerrit-MessageType: newchange Gerrit-Change-Id: I56282aa31b26f69350cf1743c5b46de3715e98a8 Gerrit-PatchSet: 1 Gerrit-Project: operations/puppet Gerrit-Branch: production Gerrit-Owner: Chmarkine <chmark...@hotmail.com> _______________________________________________ MediaWiki-commits mailing list MediaWiki-commits@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits
