Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fixing part 7.12 of CIS Apache Benchmark - removing non-forward secrecy ciphers #220

Open
wants to merge 3 commits into
base: main
Choose a base branch
from

Conversation

azurit
Copy link
Member

@azurit azurit commented Mar 26, 2024

Removing these non-forward secrecy ciphers from Apache configuration:

ECDHE-ECDSA-AES128-GCM-SHA256
ECDHE-ECDSA-AES256-GCM-SHA384

@azurit
Copy link
Member Author

azurit commented Mar 26, 2024

Hmm, looks like i picked wrong cyphers - both of these supports forward secrecy. But i can't see those mentioned in CIS benchmark anywhere in the configuration.

@fzipi
Copy link
Member

fzipi commented Apr 23, 2024

@azurit @dune73 What's next here? Can you provide an update PR with the updated ciphers?

theseion
theseion previously approved these changes Apr 24, 2024
@fzipi fzipi changed the base branch from develop to main May 8, 2024 22:37
@fzipi fzipi dismissed theseion’s stale review May 8, 2024 22:37

The base branch was changed.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

4 participants