Skip to content

Commit

Permalink
Merge pull request dev-sec#501 from ksaadDE/patch-3
Browse files Browse the repository at this point in the history 
Updated dh_params to 4096
  • Loading branch information
@schurzi
schurzi committed Nov 28, 2021
2 parents 732f6ba + d8931e0 commit 3515217
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion roles/nginx_hardening/defaults/main.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -26,4 +26,4 @@ nginx_ssl_prefer_server_ciphers: "on"
nginx_ssl_protocols: "TLSv1.2 TLSv1.3"
nginx_ssl_ciphers: "ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256"
nginx_ssl_session_tickets: "off"
nginx_dh_size: "2048"
nginx_dh_size: "4096"

0 comments on commit 3515217

Please sign in to comment.