jinwon42 Wrote: ------------------------------------------------------- > my site is vulnerable to the SSL FREAK attacks. > > ssl_protocols SSLv3 TLSv1; > ssl_ciphers AES256-SHA:HIGH:!EXPORT:!eNULL:!ADH:RC4+RSA;
Try these; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_ciphers ECDH+AESGCM:ECDH+AES256:ECDH+AES128:ECDH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!eNULL:!MD5:!DSS:!EXP:!ADH:!LOW:!MEDIUM; Posted at Nginx Forum: http://forum.nginx.org/read.php?2,257984,257989#msg-257989 _______________________________________________ nginx mailing list [email protected] http://mailman.nginx.org/mailman/listinfo/nginx
