Skip to content

Instantly share code, notes, and snippets.

What would you like to do?
LOGJAM mitigation for Apache 2.2
# This mod_ssl configuration mitigates the LOGJAM attack on apache versions
# in which the "SSLOpenSSLConfCmd DHParameters" directive was not yet implemented. (< 2.4)
# This configuration mitigates the attack avoiding the use of DHE ciphers
# Test here:
<IfModule mod_ssl.c>
SSLProtocol all -SSLv2 -SSLv3
SSLCompression off
SSLHonorCipherOrder on

This comment has been minimized.

Copy link

@gaia gaia commented Jun 27, 2015

which browsers would not be compatible with this CipherSuite?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.