<\/p>\n
In order to upgrade your server to HTTP\/2 and encrypted connections, you will need:<\/p>\n
- \n
- a web server version that supports the protocol (for NGINX, version 1.9.5 or above);<\/li>\n
- an SSL certificate and key from a respected CA (doesn’t need to be pricey but has to be SHA-2 if you are serious about it);<\/li>\n
- a couple of minutes or hours\u00a0to compute your own\u00a0Diffie Hellman group<\/li>\n
- a few\u00a0battle-tested\u00a0configuration options.<\/li>\n<\/ul>\n
Now focus, please.<\/p>\n
Step 1. Activate HTTP\/2<\/h3>\n
In Nginx’s site configuration file, make sure you have this in your server block:<\/p>\n
server {\r\n listen 80;\r\n listen 443 ssl http2;<\/pre>\nThe http2 directive will do the trick. The HTTP\/2 spec does not require encryption, but browsers do.<\/p>\n
Once this is in place, you have to configure NGINX to handle\u00a0encrypted connections.<\/p>\n
Step 2. Obtain and install an SHA-2 certificate from a respectable CA<\/h3>\n
Except for testing (in which case a self-signed certificate is fine), you will have to shell out some pocket change to obtain an SSL certificate from a respectable\u00a0CA (would you like some recommendations? please comment). Whatever you decide to do, make sure the CA doesn’t issue you an SHA-1 certificate. These are worse than worthless: they have been proven to be susceptible to collision attacks (like the FLAME malware that attacked MD5).<\/p>\n
Save the certificate and the key\u00a0on your server and make sure it is owned by root and read-accessible to the group\u00a0NGINX:<\/p>\n
chown root:nginx CA-issued.*<\/pre>\n
Step 3. Point\u00a0your server to your\u00a0SSL certificate and key files<\/h3>\n
In the site configuration file in NGINX, point the server to your SHA-2 certificate and the key file:<\/p>\n
ssl_certificate \/etc\/nginx\/CA-issued\/CA-issued.cert;\r\nssl_certificate_key \/etc\/nginx\/CA-issued\/CA-issued.key;<\/pre>\n
Step 4. Specify communications\u00a0protocols for encrypted connections<\/h3>\n
If you are serious about security, you should not enable SSL (it’s been compromised) nor allow a downgrade to TLS 1.0 or TLS 1.1. The only acceptable protocols are TLS 1.3 and TLS 1.2.<\/p>\n
Enter this into the configuration\u00a0file of your site in NGINX:<\/p>\n
ssl_protocols TLSv1.3 TLSv1.2;<\/pre>\n
Step 5. Specify cipher suites using ECDHE: (Ephemeral) Elliptic-Curve Diffie-Hellman key exchange and prohibit a compromise<\/h3>\n
This directive allows you to specify ciphers in NGINX:<\/p>\n
ssl_ciphers ‘TLS13-CHACHA20-POLY1305-SHA256:TLS13-AES-256-GCM-SHA384:TLS13-AES-128-GCM-SHA256:EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH’;<\/p>\n
Now the question is, how do you figure out which cipher suites are acceptable? Mozilla offers a helpful ssl-config-generator<\/a>\u00a0that will give you recommended (option ‘modern profile’) and\/or supported (‘old profile’) ciphers for any given version of your web server and OpenSSL.<\/p>\n
Make sure you deploy\u00a0(Ephemeral) Elliptic-Curve Diffie-Hellman (ECDHE-) variants and NOT\u00a0the original, finite field, Diffie-Hellman (DHE-). Tweak Mozilla’s ‘modern profile’ output of the NGINX\u00a0ssl_ciphers parameter to that end if you want to be paranoid (why wouldn’t you want to? no valid\u00a0reasons).<\/p>\n
Tell the server to override any preferences the client may report as own by setting\u00a0this parameter:<\/p>\n
ssl_prefer_server_ciphers on;<\/pre>\n
Last but not least, specify the curve type. Chose a modern ECDH (elliptic curve DH) in OpenSSL 1.1.1:<\/p>\n
ssl_ecdh_curve secp384r1;<\/pre>\n
Step 6. Replace\u00a0your server’s Diffie-Hellman group<\/h3>\n
By default, many web servers use a weak Diffie-Hellman group that has been\u00a0broken by rogue nation states and cannot be\u00a0considered safe by any stretch of imagination. Do yourself a favor and replace it asap.<\/p>\n
![\"Testing](\"https:\/\/cloudinsidr.com\/content\/wp-content\/uploads\/2015\/12\/Diffie_Hellman.jpg\")
<\/a>Testing a web server for Diffie Hellman (weakdh.org): a compromised certificate is the last thing you want<\/figcaption><\/figure>\n (If you need a crypto expert to scare you into revving\u00a0up security, so be it: glance over “Breaking Diffie-Hellman with Massive Precomputation (Again)<\/a>” by Bruce Schneier\u00a0and you’ll gladly read\u00a0this\u00a0guide on how to protect yourself as the end user<\/a>\u00a0and how to protect your end users by securing your SSH<\/a>, too.)<\/em><\/p>\n
In order to generate your new group, you can use openssl directly on your server (ask for a key no shorter than 4096):<\/p>\n
openssl dhparam -out dhparams.pem 4096 & bg<\/pre>\n
(The process should take between a few\u00a0minutes and a few\u00a0hours, depending on your system.) Change the permissions to the resulting key file to allow your server\u00a0user’s group read access only (the owner remains root):<\/p>\n
chown root:nginx\u00a0dhparams.pem<\/pre>\n
In the\u00a0site configuration file in NGINX, point the web server to your shiny new Diffie-Hellman key:<\/p>\n
# Diffie-Hellman parameter for DHE cipher suites\r\n ssl_dhparam \/etc\/nginx\/dhparams-4096.pem;<\/pre>\n
At this point, you are done. Save the configuration file and restart your server for the changes to take effect:<\/p>\n
service nginx restart<\/pre>\n
Step 7. Disallow\u00a0unencrypted HTTP by enabling HSTS<\/h3>\n
HSTS<\/strong> (HTTP Strict Transport Security<\/em>) is a web security policy mechanism designed to help protect HTTPS websites against downgrade attacks<\/strong> and cookie hijacking<\/strong> (RFC 6797). With HSTS, the web server sends an HTTP response header field named “Strict-Transport-Security<\/em>“, which tells the client\u00a0to interact using HTTPS only.<\/p>\n
This only works with compliant user agents,<\/strong>\u00a0however, the setting will\u00a0help protect legitimate visitors but will not\u00a0protect your site from malicious HTTP communications.\u00a0For this reason, you may want to redirect HTTP requests using a server directive (to that end, you will have to temporarily disable HSTS in order to verify that your redirects are\u00a0actually working).<\/p>\n
In NGINX, enter this into the configuration file of each site within the server block:<\/p>\n
<\/p>\n
# HSTS (requires ngx_http_headers_module)\u00a0\r\n# 15768000 seconds = 6 months\r\n# in seconds, 365 days, including subdomains\r\n# do NOT use max-age of zero; it will disable the policy!\r\nadd_header Strict-Transport-Security \"max-age=31536000; includeSubDomains; always\";<\/pre>\n
In order to\u00a0enforce https, enter this in the location block (rewrites are not recommended):<\/p>\n
return 301 https:\/\/www.your-domain.tld\/$request_uri;<\/pre>\n
Step 8. Stay vigilant (in perpetuity!)<\/h3>\n
Now head over to the SSL scanner by Qualys SSL Labs<\/a> and run a test on each one of your domains to make sure you haven’t overlooked anything.<\/p>\n