小喵 🐈 => YSITD: root@www:/etc/ssl# grep ssl /etc/nginx/nginx.conf ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE ssl_prefer_server_ciphers on; ssl_ciphers EECDH+CHACHA20:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5; ssl_dhparam /etc/nginx/dhparams.pem; ssl_session_cache shared:ssl_session

小喵 🐈 says to YSITD

root@www:/etc/ssl# grep ssl /etc/nginx/nginx.conf ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE ssl_prefer_server_ciphers on; ssl_ciphers EECDH+CHACHA20:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5; ssl_dhparam /etc/nginx/dhparams.pem; ssl_session_cache shared:ssl_session_cache:10m;

at Sat, Apr 1, 2017 4:45 AM