Apache
Apache是一套网页伺服器软体。
设定
SSL
先用a2enmod ssl启动SSL模组。
Cipher
在/etc/apache2/conf-available/sslciphersuite.conf内设定:
# SSLCipherSuite CHACHA20+ECDHE:AESGCM+ECDHE:AES+ECDHE:CAMELLIA+ECDHE:!ADH:!AECDH:!DSS:!ECDSA:!MD5:!SHA1 SSLHonorCipherOrder On
接著用a2enconf sslciphersuite启动。
SSL Stapling
在/etc/apache2/conf-available/sslstapling.conf内设定:
# SSLUseStapling On SSLStaplingCache "shmcb:logs/ssl_stapling(32768)"
接著用a2enconf sslstapling启动。
VirtualHost
这边设定将example.com导去HTTPS:
<VirtualHost *:80>
ServerName example.com:80
DocumentRoot /srv/example.com/public
ErrorLog ${APACHE_LOG_DIR}/example.com-error.log
CustomLog ${APACHE_LOG_DIR}/example.com-access.log combined
Redirect / https://example.com/
</VirtualHost>
外部连结
- 官方网站 (英文)