VOOZH about

URL: https://cipherlist.eu/

⇱ Cipherlist.eu - Strong Ciphers for Apache, nginx and Lighttpd

πŸ‘ Cute

Cipherlist.eu Strong Ciphers for Apache, nginx and Lighttpd

Apache

SSLCipherSuite EECDH+AESGCM:EDH+AESGCM
# Requires Apache 2.4.36 & OpenSSL 1.1.1
SSLProtocol -all +TLSv1.3 +TLSv1.2
SSLOpenSSLConfCmd Curves X25519:secp521r1:secp384r1:prime256v1
# Older versions
# SSLProtocol All -SSLv2 -SSLv3 -TLSv1 -TLSv1.1
SSLHonorCipherOrder On
Header always set Strict-Transport-Security "max-age=63072000; includeSubDomains; preload"
Header always set X-Frame-Options DENY
Header always set X-Content-Type-Options nosniff
# Requires Apache >= 2.4
SSLCompression off
SSLUseStapling on
SSLStaplingCache "shmcb:logs/stapling-cache(150000)"
# Requires Apache >= 2.4.11
SSLSessionTickets Off

nginx

ssl_protocols TLSv1.3;# Requires nginx >= 1.13.0 else use TLSv1.2
ssl_prefer_server_ciphers on;
ssl_dhparam /etc/nginx/dhparam.pem; # openssl dhparam -out /etc/nginx/dhparam.pem 4096
ssl_ciphers EECDH+CHACHA20:EECDH+AESGCM:EDH+AESGCM;
ssl_conf_command Ciphersuites TLS_CHACHA20_POLY1305_SHA256:TLS_AES_256_GCM_SHA384:TLS_AES_128_GCM_SHA256;
ssl_conf_command Options PrioritizeChaCha;
ssl_ecdh_curve secp384r1; # Requires nginx >= 1.1.0
ssl_session_timeout 10m;
ssl_session_cache shared:SSL:10m;
ssl_session_tickets off; # Requires nginx >= 1.5.9
ssl_stapling on; # Requires nginx >= 1.3.7
ssl_stapling_verify on; # Requires nginx => 1.3.7
resolver $DNS-IP-1 $DNS-IP-2 valid=300s;
resolver_timeout 5s;
add_header Strict-Transport-Security "max-age=63072000; includeSubDomains; preload";
add_header X-Frame-Options DENY;
add_header X-Content-Type-Options nosniff;
add_header X-XSS-Protection "1; mode=block";

Lighttpd

var.response_header_policy = (
 "strict-transport-security" => "max-age=63072000; includeSubDomains; preload",
 "content-security-policy" => "default-src https:",
 "x-frame-options" => "DENY",
 "x-content-type-options" => "nosniff",
 "x-xss-protection" => "1; mode=block",
 "permissions-policy" => "interest-cohort=()"
)

setenv.set-response-header += var.response_header_policy

Rationale and tutorial on Strong SSL Security on Apache
Rationale and tutorial on Strong SSL Security on nginx
Rationale and tutorial on Strong SSL Security on Lighttpd
Lighttpd TLS documentation

Do you need to (or are forced to) support old / legacy software like IE < 11, Android < 4.4 or Java < 8? Yes, give me a ciphersuite that works with legacy / old software.

Test your SSL config

.

Warning

These examples are meant for sysadmins who have done this before (and sysadmins are forced to support Windows XP with IE < 9, therefore des3cbc), as an easily copy-pastable example, not for newbies who have no idea what all this means. The settings are very secure, but if you don't know what you are doing might make your website and subdomains unavailable for a long, long time (see HSTS). Research what you are doing and think before you act.
Other suggestions
  • sha256 certificates
  • 4096-bit private key
  • >2048 DH Pool size - 
    openssl dhparam -out dhparams.pem 4096
  • HTTP Public Key Pinning

Why?

πŸ‘ A+ JAAAAAAAAAA
The above ciphers are Copy Pastable in your nginx, Lighttpd or Apache config. These provide Strong SSL Security for all modern browsers, plus you get an A+ on the SSL Labs Test. In short, they set a strong Forward Secrecy enabled ciphersuite, they disable SSLv2, SSLv3, TLSv1, TLSv1.1, they add HTTP Strict Transport Security and X-Frame-Deny headers and they enable OCSP Stapling. (Lighttpd 1.4.56 and later supports OCSP Stapling with additional config option ssl.stapling-file).
Using IIS? Check out IIS Crypto. Other software like Zeus, Tomcat? Detailed info? Read the Mozilla Page.
Cipherlist.eu is made by Remy van Elst (Raymii.org) & Juerd (not the server admin, suggestions to Remy or as pull request) after the idea spawned at a Privacy Cafe at Revspace. The image is Public Domain from here. Feedback here please. Source code here.

Tweet

Tweet

Facebook

πŸ‘ dislike this on facebook

Other Software

Pull requests for other software welcome

haproxy 2.x

global
 ssl-default-bind-options no-sslv3 no-tlsv10 no-tlsv11 no-tls-tickets
 ssl-default-bind-ciphers EECDH+AESGCM:EDH+AESGCM
 tune.ssl.default-dh-param 2048

frontend http-in
 mode http
 option httplog
 option forwardfor
 option http-server-close
 option httpclose
 bind $YOUR_IP:80
 redirect scheme https code 301 if !{ ssl_fc }

frontend https-in
 option httplog
 option forwardfor
 option http-server-close
 option httpclose
 http-response add-header Strict-Transport-Security max-age=31536000;\ includeSubDomains;\ preload
 http-response add-header X-Frame-Options DENY
 bind $YOUR_IP:443 ssl crt /etc/haproxy/haproxy.pem curves X25519:secp521r1:secp384r1:prime256v1 ciphers EECDH+AESGCM:EDH+AESGCM no-sslv3 no-tlsv10 no-tlsv11

Postfix

smtpd_use_tls = yes
smtpd_tls_security_level = may
smtpd_tls_auth_only = yes
smtpd_tls_cert_file = /etc/ssl/postfix.cert
smtpd_tls_key_file = /etc/ssl/postfix.key
smtpd_tls_mandatory_protocols = !SSLv2,!SSLv3,!TLSv1,!TLSv1.1
smtpd_tls_protocols = !SSLv2,!SSLv3,!TLSv1,!TLSv1.1
smtpd_tls_mandatory_ciphers = medium
tls_medium_cipherlist = EECDH+AESGCM:EDH+AESGCM
tls_preempt_cipherlist = yes

Exim

tls_certificate = /etc/exim.cert
tls_privatekey = /etc/exim.key
tls_advertise_hosts = *
tls_require_ciphers = EECDH+AESGCM:EDH+AESGCM
openssl_options = +no_sslv2 +no_sslv3

ProFTPd

TLSEngine on
TLSLog /var/ftpd/tls.log
TLSProtocol TLSv1.2
TLSRequired on
TLSCipherSuite EECDH+AESGCM:EDH+AESGCM
TLSRSACertificateFile /etc/proftpd.cert
TLSRSACertificateKeyFile /etc/proftpd.key

Dovecot

ssl = yes
ssl_cert = </etc/dovecot.cert
ssl_key = </etc/dovecot.key
ssl_min_protocol = TLSv1.2
ssl_cipher_list = EECDH+AESGCM:EDH+AESGCM
ssl_prefer_server_ciphers = yes
ssl_dh = </etc/dhparam.pem # openssl dhparam -out /etc/dhparam.pem 4096

Hitch TLS Proxy

ciphers = "EECDH+AESGCM:EDH+AESGCM"
prefer-server-ciphers = on

Cyrus IMAP

tls_server_cert: /etc/ssl/private/cyrus.crt
tls_server_key: /etc/ssl/private/cyrus.key
tls_client_ca_file: /etc/ssl/private/intermediate.pem
tls_ciphers: EECDH+AESGCM:EDH+AESGCM
tls_versions: tls1_2

Squid Reverse Proxy

https_port 443 accel defaultsite=reverse.example.com vhost \
 cert=/etc/pki/tls/certs/star.example.com.crt \
 key=/etc/pki/tls/private/star.example.com.key \
 cafile=/etc/pki/tls/certs/CA.crt \
 options=NO_SSLv2,NO_SSLv3,NO_TLSv1,NO_TLSv1_1,SINGLE_DH_USE,SINGLE_ECDH_USE,CIPHER_SERVER_PREFERENCE,No_Compression,NO_TICKET \
 cipher=ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-GCM-SHA256:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS:!RC4 \
 tls-dh=prime256v1:/etc/pki/tls/certs/dhparams.pem

cache_peer 192.168.0.10 parent 443 0 no-query originserver login=PASS no-digest ssl ssldomain=*.example.com

Zarafa

These settings can be set in /etc/zarafa/server.cfg and gateway.cfg. 
server_ssl_protocols = !SSLv2 !SSLv3 !TLSv1 !TLSv1.1 # >= Debian 7 / CentOS 7
server_ssl_ciphers = EECDH+AESGCM:EDH+AESGCM
server_ssl_prefer_server_ciphers = yes or no

MySQL

[mysqld]
ssl-ca=/etc/mysql-ssl/ca-cert.pem
ssl-cert=/etc/mysql-ssl/server-cert.pem
ssl-key=/etc/mysql-ssl/server-key.pem
ssl-cipher=EECDH+AESGCM:EDH+AESGCM
# replication:
GRANT REPLICATION SLAVE ON *.* to β€˜repl’@’%’ REQUIRE SSL;
STOP SLAVE;
CHANGE MASTER MASTER_SSL=1,
MASTER_SSL_CA=’/etc/mysql-ssl/ca-cert.pem’,
MASTER_SSL_CERT=’/etc/mysql-ssl/client-cert.pem’,
MASTER_SSL_KEY=’/etc/mysql-ssl/client-key.pem';
SHOW SLAVE STATUS\G;
START SLAVE;
SHOW SLAVE STATUS\G;

DirectAdmin

ssl_cipher=EECDH+AESGCM:EDH+AESGCM
SSL=1
cacert=/usr/local/directadmin/conf/cacert.pem
cakey=/usr/local/directadmin/conf/cakey.pem
carootcert=/usr/local/directadmin/conf/carootcert.pem

Postgresql

ssl = on
ssl_ciphers = 'EECDH+AESGCM:EDH+AESGCM'
password_encryption = on

OpenSSH Server

Protocol 2
HostKey /etc/ssh/ssh_host_ed25519_key
HostKey /etc/ssh/ssh_host_rsa_key
HostKeyAlgorithms ssh-ed25519,rsa-sha2-512,rsa-sha2-256
KexAlgorithms curve25519-sha256@libssh.org,curve25519-sha256,diffie-hellman-group18-sha512,diffie-hellman-group16-sha512,diffie-hellman-group14-sha256,diffie-hellman-group-exchange-sha256
Ciphers chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr
MACs hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,umac-128-etm@openssh.com

OpenSSH Client

HashKnownHosts yes
Host *
 ConnectTimeout 30
 HostKeyAlgorithms ssh-ed25519,rsa-sha2-512,rsa-sha2-256
 KexAlgorithms curve25519-sha256@libssh.org,curve25519-sha256,diffie-hellman-group18-sha512,diffie-hellman-group16-sha512,diffie-hellman-group14-sha256,diffie-hellman-group-exchange-sha256
 MACs hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,umac-128-etm@openssh.com
 Ciphers chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr
 ServerAliveInterval 10
 ControlMaster auto
 ControlPersist yes
 ControlPath ~/.ssh/socket-%r@%h:%p

Golang Server

package main

import (
 "crypto/tls"
 "log"
 "net/http"
)

func main() {
 mux := http.NewServeMux()
 mux.HandleFunc("/", func(w http.ResponseWriter, req *http.Request) {
 w.Header().Add("Strict-Transport-Security", "max-age=63072000; includeSubDomains")
 w.Write([]byte("This is an example server.\n"))
 })
 cfg := &tls.Config{
 MinVersion: tls.VersionTLS12,
 CurvePreferences: []tls.CurveID{tls.CurveP521, tls.CurveP384, tls.CurveP256},
 PreferServerCipherSuites: true,
 CipherSuites: []uint16{
 tls.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
 tls.TLS_RSA_WITH_AES_256_GCM_SHA384,
 },
 }
 srv := &http.Server{
 Addr: ":443",
 Handler: mux,
 TLSConfig: cfg,
 TLSNextProto: make(map[string]func(*http.Server, *tls.Conn, http.Handler), 0),
 }
 log.Fatal(srv.ListenAndServeTLS("tls.crt", "tls.key"))
}

UniFi Controller

unifi.https.ciphers=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
unifi.https.sslEnabledProtocols=TLSv1.2

coTURN server

cipher-list="EECDH+AESGCM:EDH+AESGCM"
ec-curve-name=secp384r1
dh2066
no-tlsv1
no-tlsv1_1

Traefik TLSOptions values.yaml

tlsOptions: 
	default:
		preferServerCipherSuites: true
		cipherSuites:
			- EECDH+AESGCM:EDH+AESGCM
		minVersion: VersionTLS13
		curvePreferences:
			- secp384r1