OXIESEC PANEL

Name	Size	Modified	Perms
📁 ..	-	06/17/2025 04:22:05 PM	rwxr-xr-x
📄 access_compat.load	100 bytes	07/16/2019 06:14:45 PM	rw-r--r--
📄 alias.conf	843 bytes	07/16/2019 06:14:45 PM	rw-r--r--
📄 alias.load	62 bytes	07/16/2019 06:14:45 PM	rw-r--r--
📄 auth_basic.load	94 bytes	07/16/2019 06:14:45 PM	rw-r--r--
📄 authn_core.load	72 bytes	07/16/2019 06:14:45 PM	rw-r--r--
📄 authn_file.load	72 bytes	07/16/2019 06:14:45 PM	rw-r--r--
📄 authz_core.load	72 bytes	07/16/2019 06:14:45 PM	rw-r--r--
📄 authz_host.load	94 bytes	07/16/2019 06:14:45 PM	rw-r--r--
📄 authz_user.load	94 bytes	07/16/2019 06:14:45 PM	rw-r--r--
📄 autoindex.conf	3.29 KB	07/16/2019 06:14:45 PM	rw-r--r--
📄 autoindex.load	70 bytes	07/16/2019 06:14:45 PM	rw-r--r--
📄 deflate.conf	395 bytes	07/16/2019 06:14:45 PM	rw-r--r--
📄 deflate.load	84 bytes	07/16/2019 06:14:45 PM	rw-r--r--
📄 dir.conf	158 bytes	02/11/2020 11:48:23 AM	rw-r--r--
📄 dir.load	58 bytes	07/16/2019 06:14:45 PM	rw-r--r--
📄 env.load	58 bytes	07/16/2019 06:14:45 PM	rw-r--r--
📄 filter.load	64 bytes	07/16/2019 06:14:45 PM	rw-r--r--
📄 mime.conf	7.5 KB	07/16/2019 06:14:45 PM	rw-r--r--
📄 mime.load	60 bytes	07/16/2019 06:14:45 PM	rw-r--r--
📄 mpm_prefork.conf	571 bytes	07/16/2019 06:14:45 PM	rw-r--r--
📄 mpm_prefork.load	108 bytes	07/16/2019 06:14:45 PM	rw-r--r--
📄 negotiation.conf	724 bytes	07/16/2019 06:14:45 PM	rw-r--r--
📄 negotiation.load	74 bytes	07/16/2019 06:14:45 PM	rw-r--r--
📄 php7.2.conf	855 bytes	01/13/2020 06:39:59 PM	rw-r--r--
📄 php7.2.load	102 bytes	01/13/2020 06:39:59 PM	rw-r--r--
📄 proxy.conf	822 bytes	07/16/2019 06:14:45 PM	rw-r--r--
📄 proxy.load	62 bytes	07/16/2019 06:14:45 PM	rw-r--r--
📄 proxy_fcgi.load	89 bytes	07/16/2019 06:14:45 PM	rw-r--r--
📄 reqtimeout.conf	1.16 KB	07/16/2019 06:14:45 PM	rw-r--r--
📄 reqtimeout.load	72 bytes	07/16/2019 06:14:45 PM	rw-r--r--
📄 rewrite.load	66 bytes	07/16/2019 06:14:45 PM	rw-r--r--
📄 setenvif.conf	1.25 KB	07/16/2019 06:14:45 PM	rw-r--r--
📄 setenvif.load	68 bytes	07/16/2019 06:14:45 PM	rw-r--r--
📄 socache_shmcb.load	78 bytes	07/16/2019 06:14:45 PM	rw-r--r--
📄 ssl.conf	3.04 KB	07/16/2019 06:14:45 PM	rw-r--r--
📄 ssl.load	97 bytes	07/16/2019 06:14:45 PM	rw-r--r--
📄 status.conf	749 bytes	07/16/2019 06:14:45 PM	rw-r--r--
📄 status.load	64 bytes	07/16/2019 06:14:45 PM	rw-r--r--

Editing: ssl.conf

# Pseudo Random Number Generator (PRNG):
	# Configure one or more sources to seed the PRNG of the SSL library.
	# The seed data should be of good random quality.
	# WARNING! On some platforms /dev/random blocks if not enough entropy
	# is available. This means you then cannot use the /dev/random device
	# because it would lead to very long connection times (as long as
	# it requires to make more entropy available). But usually those
	# platforms additionally provide a /dev/urandom device which doesn't
	# block. So, if available, use this one instead. Read the mod_ssl User
	# Manual for more details.
	#
	SSLRandomSeed startup builtin
	SSLRandomSeed startup file:/dev/urandom 512
	SSLRandomSeed connect builtin
	SSLRandomSeed connect file:/dev/urandom 512

##
	##  SSL Global Context
	##
	##  All SSL configuration in this context applies both to
	##  the main server and all SSL-enabled virtual hosts.
	##

#
	#   Some MIME-types for downloading Certificates and CRLs
	#
	AddType application/x-x509-ca-cert .crt
	AddType application/x-pkcs7-crl	.crl

#   Pass Phrase Dialog:
	#   Configure the pass phrase gathering process.
	#   The filtering dialog program (`builtin' is a internal
	#   terminal dialog) has to provide the pass phrase on stdout.
	SSLPassPhraseDialog  exec:/usr/share/apache2/ask-for-passphrase

#   Inter-Process Session Cache:
	#   Configure the SSL Session Cache: First the mechanism 
	#   to use and second the expiring timeout (in seconds).
	#   (The mechanism dbm has known memory leaks and should not be used).
	#SSLSessionCache		 dbm:${APACHE_RUN_DIR}/ssl_scache
	SSLSessionCache		shmcb:${APACHE_RUN_DIR}/ssl_scache(512000)
	SSLSessionCacheTimeout  300

#   Semaphore:
	#   Configure the path to the mutual exclusion semaphore the
	#   SSL engine uses internally for inter-process synchronization. 
	#   (Disabled by default, the global Mutex directive consolidates by default
	#   this)
	#Mutex file:${APACHE_LOCK_DIR}/ssl_mutex ssl-cache

#   SSL Cipher Suite:
	#   List the ciphers that the client is permitted to negotiate. See the
	#   ciphers(1) man page from the openssl package for list of all available
	#   options.
	#   Enable only secure ciphers:
	SSLCipherSuite HIGH:!aNULL

# SSL server cipher order preference:
	# Use server priorities for cipher algorithm choice.
	# Clients may prefer lower grade encryption.  You should enable this
	# option if you want to enforce stronger encryption, and can afford
	# the CPU cost, and did not override SSLCipherSuite in a way that puts
	# insecure ciphers first.
	# Default: Off
	#SSLHonorCipherOrder on

#   The protocols to enable.
	#   Available values: all, SSLv3, TLSv1, TLSv1.1, TLSv1.2
	#   SSL v2  is no longer supported
	SSLProtocol all -SSLv3

#   Allow insecure renegotiation with clients which do not yet support the
	#   secure renegotiation protocol. Default: Off
	#SSLInsecureRenegotiation on

#   Whether to forbid non-SNI clients to access name based virtual hosts.
	#   Default: Off
	#SSLStrictSNIVHostCheck On

</IfModule>

# vim: syntax=apache ts=4 sw=4 sts=4 sr noet