1 files changed, 9 insertions, 2 deletions

diff --git a/etc/apache/httpd.conf b/etc/apache/httpd.conf
index 578db68..4884193 100644
--- a/etc/apache/httpd.conf
+++ b/etc/apache/httpd.conf
@@ -90,6 +90,13 @@ HostnameLookups Off
 FcgidMaxRequestsPerProcess 100
 FcgidMinProcessesPerClass 1
 SSLSessionCache shmcb:/run/apache2/
+SSLProtocol all -SSLv3 -TLSv1 -TLSv1.1
+SSLCipherSuite ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256
+SSLHonorCipherOrder on
+SSLCompression off
+SSLSessionTickets off
+SSLUseStapling on
+SSLStaplingCache shmcb:/tmp/stapling_cache(128000)
 
 AddType application/x-httpd-php .php
 AddType text/xsl .xsl
@@ -162,7 +169,7 @@ AddHandler markdown .md
 	SSLCertificateFile /etc/letsencrypt/live/gentoobrowse.randomdan.homeip.net/cert.pem
 	SSLCertificateKeyFile /etc/letsencrypt/live/gentoobrowse.randomdan.homeip.net/privkey.pem
 	SSLCertificateChainFile /etc/letsencrypt/live/gentoobrowse.randomdan.homeip.net/chain.pem
-	Header always set Strict-Transport-Security "max-age=864000; includeSubDomains"
+	Header always set Strict-Transport-Security "max-age=31536000; includeSubDomains"
 </VirtualHost>
 <VirtualHost *:11443>
 	ServerName git.randomdan.homeip.net
@@ -170,5 +177,5 @@ AddHandler markdown .md
 	SSLCertificateFile /etc/letsencrypt/live/git.randomdan.homeip.net/cert.pem
 	SSLCertificateKeyFile /etc/letsencrypt/live/git.randomdan.homeip.net/privkey.pem
 	SSLCertificateChainFile /etc/letsencrypt/live/git.randomdan.homeip.net/chain.pem
-	Header always set Strict-Transport-Security "max-age=864000; includeSubDomains"
+	Header always set Strict-Transport-Security "max-age=31536000; includeSubDomains"
 </VirtualHost>