Skip to content

Commit 4100550

Browse files
author
Marius Burkard
committed
Merge branch 'master' into 'master'
 Added SSLStaplingCache Added SSLStaplingCache shmcb:/var/run/ocsp(128000) to vhost template conf if apache version >= 2.4 and ssl enabled See merge request !234
2 parents 69fe1ea + d85994c commit 4100550

File tree

2 files changed

+28
-1
lines changed

2 files changed

+28
-1
lines changed

install/tpl/apache_ispconfig.vhost.master

Lines changed: 18 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -68,8 +68,26 @@ NameVirtualHost *:<tmpl_var name="vhost_port">
6868
<tmpl_var name="ssl_comment">SSLCertificateKeyFile /usr/local/ispconfig/interface/ssl/ispserver.key
6969
<tmpl_var name="ssl_bundle_comment">SSLCACertificateFile /usr/local/ispconfig/interface/ssl/ispserver.bundle
7070

71+
<tmpl_var name="ssl_comment">SSLCipherSuite ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:E$
72+
<tmpl_var name="ssl_comment">SSLHonorCipherOrder On
73+
74+
<IfModule mod_headers.c>
75+
Header always add Strict-Transport-Security "max-age=15768000"
76+
</IfModule>
77+
78+
<tmpl_if name='apache_version' op='>=' value='2.4' format='version'>
79+
<tmpl_var name="ssl_comment">SSLUseStapling on
80+
<tmpl_var name="ssl_comment">SSLStaplingResponderTimeout 5
81+
<tmpl_var name="ssl_comment">SSLStaplingReturnResponderErrors off
82+
</tmpl_if>
7183
</VirtualHost>
7284

85+
<tmpl_if name='apache_version' op='>=' value='2.4' format='version'>
86+
<IfModule mod_ssl.c>
87+
<tmpl_var name="ssl_comment">SSLStaplingCache shmcb:/var/run/ocsp(128000)
88+
</IfModule>
89+
</tmpl_if>
90+
7391
<Directory /var/www/php-cgi-scripts>
7492
AllowOverride None
7593
<tmpl_if name='apache_version' op='>' value='2.2' format='version'>

server/conf/vhost.conf.master

Lines changed: 10 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -448,6 +448,15 @@
448448
<tmpl_var name='apache_directives'>
449449
<tmpl_hook name='apache2_vhost:vhost_footer'>
450450
</VirtualHost>
451+
452+
<tmpl_if name='apache_version' op='>=' value='2.4' format='version'>
453+
<tmpl_if name='ssl_enabled'>
454+
<IfModule mod_ssl.c>
455+
SSLStaplingCache shmcb:/var/run/ocsp(128000)
456+
</IfModule>
457+
</tmpl_if>
458+
</tmpl_if>
459+
451460
</tmpl_loop>
452461

453-
<tmpl_hook name='apache2_vhost:footer'>
462+
<tmpl_hook name='apache2_vhost:footer'>

0 commit comments

Comments
 (0)