From 3551ba4ffefb5a5da892cba187492012ae88ea03 Mon Sep 17 00:00:00 2001 From: mhoellein Date: Tue, 11 Apr 2023 08:33:22 +0200 Subject: [PATCH] committing changes in /etc after apt run Package changes: -apache2 2.4.56-1+ubuntu18.04.1+deb.sury.org+1 amd64 -apache2-bin 2.4.56-1+ubuntu18.04.1+deb.sury.org+1 amd64 -apache2-data 2.4.56-1+ubuntu18.04.1+deb.sury.org+1 all -apache2-utils 2.4.56-1+ubuntu18.04.1+deb.sury.org+1 amd64 +apache2 2.4.57-1+ubuntu18.04.1+deb.sury.org+1 amd64 +apache2-bin 2.4.57-1+ubuntu18.04.1+deb.sury.org+1 amd64 +apache2-data 2.4.57-1+ubuntu18.04.1+deb.sury.org+1 all +apache2-utils 2.4.57-1+ubuntu18.04.1+deb.sury.org+1 amd64 --- apache2/mods-available/ssl.load | 2 +- apache2/sites-available/default-ssl.conf | 29 ------------------------ 2 files changed, 1 insertion(+), 30 deletions(-) diff --git a/apache2/mods-available/ssl.load b/apache2/mods-available/ssl.load index 3d2336ae..a04f7485 100644 --- a/apache2/mods-available/ssl.load +++ b/apache2/mods-available/ssl.load @@ -1,2 +1,2 @@ -# Depends: setenvif mime socache_shmcb +# Depends: mime socache_shmcb LoadModule ssl_module /usr/lib/apache2/modules/mod_ssl.so diff --git a/apache2/sites-available/default-ssl.conf b/apache2/sites-available/default-ssl.conf index 9de96fa2..a0d837ce 100644 --- a/apache2/sites-available/default-ssl.conf +++ b/apache2/sites-available/default-ssl.conf @@ -98,33 +98,4 @@ SSLOptions +StdEnvVars - - # SSL Protocol Adjustments: - # The safe and default but still SSL/TLS standard compliant shutdown - # approach is that mod_ssl sends the close notify alert but doesn't wait for - # the close notify alert from client. When you need a different shutdown - # approach you can use one of the following variables: - # o ssl-unclean-shutdown: - # This forces an unclean shutdown when the connection is closed, i.e. no - # SSL close notify alert is send or allowed to received. This violates - # the SSL/TLS standard but is needed for some brain-dead browsers. Use - # this when you receive I/O errors because of the standard approach where - # mod_ssl sends the close notify alert. - # o ssl-accurate-shutdown: - # This forces an accurate shutdown when the connection is closed, i.e. a - # SSL close notify alert is send and mod_ssl waits for the close notify - # alert of the client. This is 100% SSL/TLS standard compliant, but in - # practice often causes hanging connections with brain-dead browsers. Use - # this only for browsers where you know that their SSL implementation - # works correctly. - # Notice: Most problems of broken clients are also related to the HTTP - # keep-alive facility, so you usually additionally want to disable - # keep-alive for those clients, too. Use variable "nokeepalive" for this. - # Similarly, one has to force some clients to use HTTP/1.0 to workaround - # their broken HTTP/1.1 implementation. Use variables "downgrade-1.0" and - # "force-response-1.0" for this. - # BrowserMatch "MSIE [2-6]" \ - # nokeepalive ssl-unclean-shutdown \ - # downgrade-1.0 force-response-1.0 - -- 2.43.0