HAProxy SSL A+
Posted on
Cara mendapatkan skor SSL A+ dari SSL Labs untuk haproxy
global section, tambahkan:
ssl-default-bind-options no-sslv3 no-tlsv10 no-tlsv11 no-tls-tickets
frontend https, tambahkan:
bind *:443 ssl crt /etc/ssl/jekyll.nalakawula.com.pem alpn http/1.1,h2
# HSTS header (1 year = 31540000 seconds)
http-response set-header Strict-Transport-Security max-age=31540000