17 lines
687 B
Django/Jinja
17 lines
687 B
Django/Jinja
SSLCipherSuite EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH
|
|
SSLProtocol All -SSLv2 -SSLv3 -TLSv1 -TLSv1.1
|
|
|
|
SSLHonorCipherOrder On
|
|
# Disable preloading HSTS for now. You can use the commented out header line that includes
|
|
# the "preload" directive if you understand the implications.
|
|
#Header always set Strict-Transport-Security "max-age=63072000; includeSubdomains; preload"
|
|
Header always set Strict-Transport-Security "max-age=63072000; includeSubdomains"
|
|
Header always set X-Frame-Options DENY
|
|
Header always set X-Content-Type-Options nosniff
|
|
# Requires Apache >= 2.4
|
|
SSLCompression off
|
|
SSLSessionTickets Off
|
|
SSLUseStapling on
|
|
SSLStaplingCache "shmcb:logs/stapling-cache(150000)"
|
|
|