Re:

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Hello!

2016-03-04 9:30 GMT+01:00 Daniel <dferradal@xxxxxxxxx>:

Files where directives are defined do not matter at all, what matters is the "Context" in which they are placed, that is server config, virtualhost, directory, etc, If you look at the official docs all directives have a specific context in which they can be used.


Adding some details about what Daniel was referring to: http://httpd.apache.org/docs/2.4/sections.html 

 
On Thu, Mar 3, 2016 at 5:31 PM, schnappiwololo@xxxxxxxxx.INVALID <schnappiwololo@xxxxxxxxx.invalid> wrote:

Apache options like "SSLProtocol", "SSLCipherSuite", and "HonorCipherOrder" among others can be put in both /etc/apache2/apache2.conf (Debian based) or etc/apache2/mods-available/ssl.conf (or even the virtual host configuration file).

Which location should these server wide SSL settings be optimally/conventionally placed (ssl.conf or apache2.conf)? Furthermore and more importantly if the settings conflict in these two files/ locations which setting/file takes precedence?


My personal view: I would place them only where they are needed (i.e. if you have only one Virtual host listening on port 443 with all the SSL directives in there). For the precedence question, please check the above link!

Hope that makes sense!

Luca
 

[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux