Forum Discussion

Cirrus

Feb 02, 2018

SSL Cipher tweaking

Hi, To be honest i do not completely understand how the cipher string is constructed, but I normally use this one, that used to give me grade A on ssllabs: !LOW:!SSLv2:!SSLv3:!MD5:!RC4+SHA:!EXPO...

Employee

Feb 02, 2018

Hi, Have a look to the OWASP recommendations: https://www.owasp.org/index.php/TLS_Cipher_String_Cheat_Sheet (at the bottom of the page you have the cipher strings, you may need to tweak them a bit). I use to implement this and enforce advanced plus whenever I can (all modern browsers should support it)

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)