Disable SSLv3 in Apache2 on a clean install of ubuntu 14.04.1 Server
Solution 1
I found that I had other config files which overrode the option.
It was possible to find the files by running:
cd /etc/apache2
grep -r "SSLProto" .
Solution 2
SSLv2 is no longer supported.
Therefore
SSLProtocol All -SSLv2 -SSLv3
won't work
SSLProtocol All -SSLv3
will
Solution 3
in your apache configuration file use below settings:
SSLProtocol ALL -SSLv2 -SSLv3
SSLHonorCipherOrder On
SSLCipherSuite ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:RSA+AESGCM:RSA+AES:!aNULL:!MD5:!DSS
then restart your apache and check your site at
https://www.ssllabs.com/ssltest/analyze.html?d=www.yourfancysite.com
It gave me grade A (as of 2017 July), while with my previous setting I only had F :)
Credits to:
https://hynek.me/articles/hardening-your-web-servers-ssl-ciphers/
Related videos on Youtube
04 : 46
04 : 57
03 : 05
08 : 20
04 : 44
Arsenalfan
Updated on September 18, 2022Comments
-
Arsenalfan over 1 year
I am trying to make a Django web application which saves information about a User and his Hobbies to a local database. For some reason it isn't working and I am having trouble figuring out the issue. Here is my code:
The models.py file:
my_choices = ( (0, "None"), (1, "Football"), (2, "Cricket"), (3, "Swimming"), (4, "Cycling"), ) class Hobby(models.Model): user = models.ForeignKey(Profile, on_delete=models.DO_NOTHING) field = models.IntegerField(choices=my_choices, default=0)The views.py function for Profile:
def profile(request,user): try: profile_object = Profile.objects.get(id=user) if request.method.POST: form = HobbyForm(request.POST) if form.is_valid(): profile_object.field = form.cleaned_data["field"] profile_object.save() context = { "form": form, "profile": profile_object, } return render(request, 'mainapp/profile.html', context) else: context = { "form": form, "profile": profile_object, } return render(request, 'mainapp/profile.html', context) else: context = { "form": form, "profile": profile_object, } return render(request, 'mainapp/profile.html', context) except Profile.DoesNotExist: context = { "form": form, "profile": profile_object, } return render(request, 'mainapp/profile.html', context)The forms.py code for the actual form:
class HobbyForm(ModelForm): class Meta: model = Hobby fields = ["field"]And the profile.html page:
<form action="myurl/{{profile.id}}/" method="post"> {% csrf_token %} {% form.as_p %} <input type="submit" value="OK"> </form>When I run this code, I get the following error:
TypeError at /profile/ int() argument must be a string, a bytes-like object or a number, not 'Member' Request Method: GET Request URL: http://localhost:8000/profile/ Django Version: 2.1.3 Exception Type: TypeError Exception Value: int() argument must be a string, a bytes-like object or a number, not 'Member' Exception Location: C:\Users\install\AppData\Local\Programs\Python\Python36\lib\site-packages\django\db\models\fields\__init__.py in get_prep_value, line 965 Python Executable: C:\Users\install\AppData\Local\Programs\Python\Python36\python.exe Python Version: 3.6.3 Python Path: ['C:\\Users\\install\\Documents\\coursework\\Mumin', 'C:\\Users\\install\\AppData\\Local\\Programs\\Python\\Python36\\python36.zip', 'C:\\Users\\install\\AppData\\Local\\Programs\\Python\\Python36\\DLLs', 'C:\\Users\\install\\AppData\\Local\\Programs\\Python\\Python36\\lib', 'C:\\Users\\install\\AppData\\Local\\Programs\\Python\\Python36', 'C:\\Users\\install\\AppData\\Roaming\\Python\\Python36\\site-packages', 'C:\\Users\\install\\AppData\\Local\\Programs\\Python\\Python36\\lib\\site-packages'] Server time: Wed, 12 Dec 2018 17:09:26 +0000Essentially what I am trying to do with this is to allow a logged in User to add some Hobbies they are interested in and save them to the database. The hobbies are predefined in the Models. For some reason, this code is not achieveing what I want and I am not sure why. Any help appreciated.