Apache Notes
From Federal Burro of Information
Disable weak cryptography Apache
SSLCipherSuite ALL:!ADH:RC4+RSA:+HIGH:!MEDIUM:!LOW:!SSLv2:!EXPORT SSLProtocol -ALL +SSLv3 +TLSv1
compressions:
Protecting against attacks
Apache Range Attack DOS
aka Apache Killer
http://blog.spiderlabs.com/2011/08/mitigation-of-apache-range-header-dos-attack.html
RewriteEngine On RewriteCond %{HTTP:range} ^.+$ [NC] RewriteRule .* - [F] RewriteCond %{HTTP:request-range} ^.+$ [NC] RewriteRule .* - [F]
See Also
https://community.qualys.com/blogs/securitylabs/2011/10/17/mitigating-the-beast-attack-on-tls
https://www.ssllabs.com/downloads/SSL_TLS_Deployment_Best_Practices_1.0.pdf