Dear all,
I am using Apache Server
version: Apache/2.2.3 on Centos 5.4 (Test environment)
On Production Redhat 4 Server
version: Apache/2.0.52
I have been looking for a way of:
1 – Prevent browsers with
lower encryption to use my site, which I can do with the two directives below
SSLProtocol all -SSLv2
SSLCipherSuite
ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:-LOW:-SSLv2:-EXP
2 – Redirect them to a
warning page
<Directory "/">
SSLRequireSSL
SSLRequire (%{SSL_PROTOCOL} != "SSLv2" and %{SSL_CIPHER_USEKEYSIZE} >= 128) or %{REQUEST_URI} =~ m:^/errors/:ErrorDocument 403 /errors/403-ssl.html
</Directory>
When
I use IE5 to access the site I get the following error:
Forbidden
You don't have permission to
access / on this server.
Additionally, a 403 Forbidden
error was encountered while trying to use an ErrorDocument to handle the
request.
--------------------------------------------------------------------------------
Apache/2.2.3
(CentOS) Server at secure01.grant.co.uk Port 443
Bellow is my Virtual Host:
NameVirtualHost 192.168.8.40:443
<VirtualHost
192.168.8.40:443>
Serveradmin renato.oliveira@xxxxxxxxxxx
DocumentRoot "/var/www/secure"
ServerName secure01.granted.co.uk
ErrorLog logs/secure01-error_log
CustomLog logs/secure01.granted.co.uk-access_log common
SSLEngine on
<Directory
"/">
SSLRequireSSL
SSLRequire (%{SSL_PROTOCOL} != "SSLv2" and %{SSL_CIPHER_USEKEYSIZE}
>= 128) or %{REQUEST_URI} =~ m:^/errors/:
ErrorDocument 403 "Your Browser Does not support 128 Bit Encryption"
</Directory>
SSLProtocol all -SSLv2
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:-LOW:-SSLv2:-EXP
SSLCertificateFile /etc/httpd/conf/certs/server.crt
SSLCertificateKeyFile /etc/httpd/conf/certs/server.key
</VirtualHost>
If anyone could help me or point
to the right direction, give a clue it would be very much appreciated.
I have search loads before
posting this question here.
Thank you very much in advance
Renato
P Please consider the environment before printing this email
|