Cheat Sheets

Security - nginx Prefer Server Ciphers

Description

An nginx production webserver should prefer the server side ciphers.

Check Script: security-nginx-no-sslv3.sh

#!/bin/bash

for dir in /etc/nginx /usr/local/nginx/conf; do if [ -d $dir ]; then if rgrep -q "ssl_protocols[[:space:]][[:space:]]*SSLv[23]" $dir/*-enabled $dir/conf.d; then result_failed "ssl_protocols includes SSLv[2/3]" fi fi done
Comment on Disqus