[Ach] Feedback to applied-crypto-hardening.pdf - Webservers - Apache

Sebastian sebix at sebix.at
Fri Dec 22 13:52:24 CET 2017


Thanks for the feedback!

On 12/22/2017 12:50 PM, Torge Riedel wrote:
> The guide "Webservers / Apache" is working for me, some remarks:
Will add that.
> Isn't
>   SSLEngine on
> missing in the "Settings"?
Thanks, added.
> I remember having problems with just doing a "Redirect permanent ...".
> I needed to configure Apache like this:
> [...]
> to allow redirection to https for every URI. I currently can't
> remember what went wrong causing me to solve it this way.
But it would be interesting ;)
>  Don't know if this is out-of-scope, but some services running on my
> server do not care enough on security, so I have to set some
> additional headers to increase security.
Yes, it's out of scope, because not cryptography-related.
> I am in contact with the communities to improve this in the services
> itself:
That makes sense.


python programming - mail server - photo - video - https://sebix.at
cryptographic key at https://sebix.at/DC9B463B.asc and on public keyservers

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 854 bytes
Desc: OpenPGP digital signature
URL: <http://lists.cert.at/pipermail/ach/attachments/20171222/885a964a/attachment-0001.sig>

More information about the Ach mailing list