MetuFSS
/
metu.life
2
1
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Disable nginx ssl_session_tickets for better security (#16632)

Browse Source 
It's default turned on, but it's better to turn it off for security reason.

Reference:
- https://nginx.org/en/docs/http/ngx_http_ssl_module.html#ssl_session_tickets
- https://github.com/mozilla/server-side-tls/issues/135
master
Peter Dave Hello 3 years ago committed by GitHub
parent 9ac7e6fef7
commit e03dc3956f
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 1 additions and 0 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 1
      dist/nginx.conf

1
dist/nginx.conf vendored
Unescape View File

@ -31,6 +31,7 @@ server {
ssl_ciphers HIGH:!MEDIUM:!LOW:!aNULL:!NULL:!SHA;
ssl_prefer_server_ciphers on;
ssl_session_cache shared:SSL:10m;
ssl_session_tickets off;
# Uncomment these lines once you acquire a certificate:
# ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;

Write Preview
Loading…
Cancel
Save