We are happy to announce that Vesta is back under active development as of 25 February 2024. We are working on v1 candidate and expect to engage more with the community over the coming months. We are committed to open source, and we encourage contributors to help us build the future of Vesta.
PCI Nginx SSL
PCI Nginx SSL
TLS 1.0 should be disabled and weaker ciphers disabled as well. Nginx should be configured to something closer to:
That is much closer to PCI compliance.
Enjoy! :-)
Code: Select all
# SSL PCI Compliance
ssl_session_cache shared:SSL:10m;
ssl_protocols TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_ciphers "EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH+aRSA+RC4 EECDH EDH+aRSA RC4 !aNULL !eNULL !LOW !3DES !MD5 !EXP !PSK !SRP !DSS";
Enjoy! :-)
Re: PCI Nginx SSL
I've made a push request on GitHub for that about 2 months ago but it was not accepted!