APACHE_2_2] Disable compression on the SSL level (CRIME attack).

psz Sat, 30 Mar 2013 13:05:33 -0700

commit 77cad01332428ecdc899405cde1e758bdc5279e5
Author: Patryk Szczyglowski <[email protected]>
Date:   Sat Mar 30 21:04:40 2013 +0100


    Disable compression on the SSL level (CRIME attack).

 apache-mod_ssl.conf | 3 +++
 1 file changed, 3 insertions(+)
---
diff --git a/apache-mod_ssl.conf b/apache-mod_ssl.conf
index 0867c27..3f76e7e 100644
--- a/apache-mod_ssl.conf
+++ b/apache-mod_ssl.conf
@@ -60,6 +60,9 @@ SSLSessionCacheTimeout  300
 #   SSL engine uses internally for inter-process synchronization.
 SSLMutex  file:/var/run/httpd/ssl_mutex
 
+#   Disallow compression on the SSL level. Enabling this allows for CRIME 
attack!
+SSLCompression off
+
 ##
 ## SSL Virtual Host Context
 ##
================================================================

---- gitweb:

http://git.pld-linux.org/gitweb.cgi/packages/apache.git/commitdiff/77cad01332428ecdc899405cde1e758bdc5279e5

_______________________________________________
pld-cvs-commit mailing list
[email protected]
http://lists.pld-linux.org/mailman/listinfo/pld-cvs-commit

[packages/apache/APACHE_2_2] Disable compression on the SSL level (CRIME attack).

Reply via email to