[Ach] Feedback to applied-crypto-hardening.pdf - Webservers - Apache
Sebastian
sebix at sebix.at
Fri Dec 22 13:52:24 CET 2017
Hi,
Thanks for the feedback!
On 12/22/2017 12:50 PM, Torge Riedel wrote:
> The guide "Webservers / Apache" is working for me, some remarks:
Will add that.
> Isn't
>
> SSLEngine on
>
> missing in the "Settings"?
Thanks, added.
> I remember having problems with just doing a "Redirect permanent ...".
> I needed to configure Apache like this:
> [...]
> to allow redirection to https for every URI. I currently can't
> remember what went wrong causing me to solve it this way.
But it would be interesting ;)
> Don't know if this is out-of-scope, but some services running on my
> server do not care enough on security, so I have to set some
> additional headers to increase security.
Yes, it's out of scope, because not cryptography-related.
> I am in contact with the communities to improve this in the services
> itself:
That makes sense.
Sebastian
--
python programming - mail server - photo - video - https://sebix.at
cryptographic key at https://sebix.at/DC9B463B.asc and on public keyservers
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 854 bytes
Desc: OpenPGP digital signature
URL: <http://lists.cert.at/pipermail/ach/attachments/20171222/885a964a/attachment-0001.sig>
More information about the Ach
mailing list