SSL A+ HAProxy
step 1: install haproxy
Centos :
yum install haproxyUbuntu :
apt-add-repository ppa:vbernat/haproxy-1.5;apt-get install haproxystep 2: edit haproxy config
vim /etc/haproxy/haproxy.confstep 3 : add this configuration for creating an A+ rating:
global
ssl-default-bind-options no-sslv3 no-tls-tickets
ssl-default-bind-ciphers EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH
frontend https-in
rspadd set-header Strict-Transport-Security max-age=31536000;\ includeSubdomains;\ preload
rspadd set-header X-Frame-Options DENY
http-response set-header X-Content-Type-Options nosniff
-good luck-
Comments
Post a Comment