Discover Centmin Mod today
Register Now

Featured Nginx How to use Brotli compression for Centmin Mod Nginx web servers

Discussion in 'Centmin Mod User Tutorials & Guides' started by eva2000, Mar 6, 2017.

  1. RB1

    RB1 Active Member

    281
    72
    28
    Nov 11, 2016
    California
    Ratings:
    +119
    Local Time:
    9:12 AM
    Nginx 1.13.x
    MariaDB 10.1.x
    Ahh OK so no brotli via your server, but on Cloudflare's side...is it serving gzip or brotli?
    They claim to support brotli and show an example at: https://http2.cloudflare.com (check headers on this page )
     
  2. BamaStangGuy

    BamaStangGuy Active Member

    473
    137
    43
    May 25, 2014
    Ratings:
    +181
    Local Time:
    11:12 AM
    Everything is showing gzip from CloudFlare. I recompiled nginx without brotli support and disabled gzip in nginx.conf
     
    • Informative Informative x 1
  3. eva2000

    eva2000 Administrator Staff Member

    30,546
    6,849
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +10,262
    Local Time:
    3:12 AM
    Nginx 1.13.x
    MariaDB 5.5
    yeah seems we aren't seeing brotli served from Cloudflare's servers at all
     
  4. eva2000

    eva2000 Administrator Staff Member

    30,546
    6,849
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +10,262
    Local Time:
    3:12 AM
    Nginx 1.13.x
    MariaDB 5.5
  5. eva2000

    eva2000 Administrator Staff Member

    30,546
    6,849
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +10,262
    Local Time:
    3:12 AM
    Nginx 1.13.x
    MariaDB 5.5
    FYI, for folks playing with the pre-compress brotli.sh tool, I have made a few big improvement updates to it outlined at centminmod.com/brotlistatic :)
     
    • Like Like x 2
  6. SFLC

    SFLC Active Member

    224
    59
    28
    Dec 4, 2016
    The Canadas
    Ratings:
    +112
    Local Time:
    7:12 PM
    1
    10
    Theoretically though even though cloudflare would gzip content passing through would there not be a performance boost to use gzip or brotli on the server side, I'm using cloudflare and benchmarking between using this tool and not using it is showing a difference in page load times
     
  7. eva2000

    eva2000 Administrator Staff Member

    30,546
    6,849
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +10,262
    Local Time:
    3:12 AM
    Nginx 1.13.x
    MariaDB 5.5
    in favour of which ? brotli.sh precompresses gz and br versions. So would make some sense as Centmin Mod Nginx will uses gzip_static and brotli_static meaning if you pre-gzip static file, Centmin Mod Nginx will serve that pre-gzipped static file to Cloudflare and they'd cache it to serve from their edge. Just that Cloudflare seems to ignore the pre-brotli compressed static files I guess. Pre-gzipped is still faster than on the fly gzip whether it be on backend origin or Cloudflare's edge servers.
     
    Last edited: Mar 7, 2017
  8. SFLC

    SFLC Active Member

    224
    59
    28
    Dec 4, 2016
    The Canadas
    Ratings:
    +112
    Local Time:
    7:12 PM
    1
    10
    In favor of enabling brotli, ultimately I'm not sure, I'll have to do further testing but it looks to me like there's a slight improvement to using it with cloudflare even though it's still processing as gzip on their end
     
  9. eva2000

    eva2000 Administrator Staff Member

    30,546
    6,849
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +10,262
    Local Time:
    3:12 AM
    Nginx 1.13.x
    MariaDB 5.5
    you used brotli.sh to precompress gz and br versions or just use brotli on the fly compression ?
     
  10. BamaStangGuy

    BamaStangGuy Active Member

    473
    137
    43
    May 25, 2014
    Ratings:
    +181
    Local Time:
    11:12 AM
    We disabled on the fly compression of anything since CloudFlare does this for us after the first request.

    So the only hit we should take is that first request from CloudFlare will be uncompressed. Then CloudFlare will cache it, compress it on their end and then any request after that will hit CloudFlare's servers instead of ours.

    Am I viewing the above correctly?
     
  11. eva2000

    eva2000 Administrator Staff Member

    30,546
    6,849
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +10,262
    Local Time:
    3:12 AM
    Nginx 1.13.x
    MariaDB 5.5
    From what i understand Cloudflare takes your backend server (Centmin Mod Nginx) requests as uncompressed as you disabled on the fly gzip compression. Then Cloudflare serves that request as either gzip or non-gzip depending on the client's browser request header for Accept Encoding. In your specific case Cloudflare now compresses that uncompressed data sent from your backend on their Cloudflare Nginx server side.

    i.e. request header would tell Cloudflare server or Centmin Mod Nginx (in non Cloudflare configs) that browser supports gzip, deflate, sdch and br compression
    Code (Text):
    accept-encoding: gzip, deflate, sdch, br
    


    Why it would be faster for @SFLC with brotli.sh pre-gzipped or pre-brotli compressed assets is that both Centmin Mod Nginx and I assume Cloudflare Nginx servers support gzip_static directive so if a pre-gzipped asset is detected it is served bypassing the time it takes to compress on the fly at either Cloudflare Nginx server or Centmin Mod Nginx server side.

    Also brotli.sh pre-gzipped and pre-brotli compressed assets will use higher compression levels on average than on the fly Nginx configured gzip and brotli compression so assets are compressed to smaller size = faster page loads. Though Cloudflare Nginx from what I read even uses gzip compression level 9 for on the fly as they have alot more cpu resources available and offset by caching at server and browser cache level. Whereas, Centmin Mod Nginx defaults to gzip compression level 5 or 6 depending on branch for on the fly compression so to balance cpu load to compression time. For brotli.sh pre-gzipped and pre-brotli compressed assets, compression levels for pre-gzipped files uses pigz level 11 which is Zopfli based compression which results in smaller compressed files than gzip max level 9 if more than 1 cpu thread is detected. If 1 cpu thread only detected falls back from pigz to gzip level 6 compression for pre-gzipped files.

    Folks can use webpagetest.org to test their Brotli vs Gzip enabled configurations ;)

    edit: added some example numbers for compressed file sizes vs original file for brotli and gzip (via pigz)

    Code (Text):
    ls -lah /usr/local/nginx/html/brotlitests/
    total 364K
    drwxr-sr-x  2 root  nginx 4.0K Mar  5 13:10 .
    drwxr-sr-x. 4 nginx nginx 4.0K Mar  5 12:44 ..
    -rw-r--r--  1 root  nginx 119K Jul 25  2016 bootstrap.min.css
    -rw-r--r--  1 root  nginx  16K Jul 25  2016 bootstrap.min.css.br
    -rw-r--r--  1 root  nginx  20K Jul 25  2016 bootstrap.min.css-bro4.br
    -rw-r--r--  1 root  nginx  18K Jul 25  2016 bootstrap.min.css-bro5.br
    -rw-r--r--  1 root  nginx  18K Jul 25  2016 bootstrap.min.css-bro6.br
    -rw-r--r--  1 root  nginx  18K Jul 25  2016 bootstrap.min.css-pigz11.gz
    -rw-r--r--  1 root  nginx  20K Jul 25  2016 bootstrap.min.css-pigz6.gz
    -rw-r--r--  1 root  nginx  37K Jul 25  2016 bootstrap.min.js
    -rw-r--r--  1 root  nginx 8.6K Jul 25  2016 bootstrap.min.js.br
    -rw-r--r--  1 root  nginx  11K Jul 25  2016 bootstrap.min.js-bro4.br
    -rw-r--r--  1 root  nginx 9.3K Jul 25  2016 bootstrap.min.js-bro5.br
    -rw-r--r--  1 root  nginx 9.3K Jul 25  2016 bootstrap.min.js-bro6.br
    -rw-r--r--  1 root  nginx 9.3K Jul 25  2016 bootstrap.min.js-pigz11.gz
    -rw-r--r--  1 root  nginx  11K Jul 25  2016 bootstrap.min.js-pigz6.gz
    
     
    Last edited: Mar 7, 2017
  12. BamaStangGuy

    BamaStangGuy Active Member

    473
    137
    43
    May 25, 2014
    Ratings:
    +181
    Local Time:
    11:12 AM
    I asked CloudFlare and this was their response:

    Screen Shot 2017-03-07 at 7.00.55 AM.png
     
  13. eva2000

    eva2000 Administrator Staff Member

    30,546
    6,849
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +10,262
    Local Time:
    3:12 AM
    Nginx 1.13.x
    MariaDB 5.5
    yup Alex's second response is pretty much what i said here. So for you probably be worth re-enabling gzip compression on Centmin Mod Nginx :)
     
    • Agree Agree x 1
  14. BamaStangGuy

    BamaStangGuy Active Member

    473
    137
    43
    May 25, 2014
    Ratings:
    +181
    Local Time:
    11:12 AM
  15. eva2000

    eva2000 Administrator Staff Member

    30,546
    6,849
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +10,262
    Local Time:
    3:12 AM
    Nginx 1.13.x
    MariaDB 5.5
    Might want to ask Cloudflare as they would be better informed as to current state of BREACH attack and mitigation - afterall the whole internet and security based WAF firewalls online still enable gzip compression.

    FYI, Centmin Mod 123.09beta01 optionally supports that nginx-length-hiding-filter-module for nginx via variable you can set in persistent config /etc/centminmod/custom_config.inc prior to nginx recompile via centmin.sh menu option 4
    Code (Text):
    NGINX_LENGTHHIDE='n'         # https://github.com/nulab/nginx-length-hiding-filter-module
    

    Unfortunately, i haven't be able to get it to work i.e. can't see the random string inserted into my site's html pages. Edit: apparently that was fixed for incompatibility with HTTP/2 nginx 1.11.3 ? · Issue #4 · nulab/nginx-length-hiding-filter-module · GitHub so worth retrying/retesting :) Edit: tried and still doesn't work for me heh

    Might want to start a separate thread for that NGINX_LENGTHHIDE option or ask at https://community.centminmod.com/th...ilter-module-in-123-09beta01.8360/#post-34764

    example of it enabled with NGINX_LENGTHHIDE='y' and nginx recompiled via centmin.sh menu option 4
     
    Last edited: Mar 7, 2017
  16. BamaStangGuy

    BamaStangGuy Active Member

    473
    137
    43
    May 25, 2014
    Ratings:
    +181
    Local Time:
    11:12 AM
    I have asked CloudFlare. I had that module enabled before I disabled gzip. I will wait to see what they say and then give it another test if they do still recommend length hiding with gzip enabled.
     
  17. eva2000

    eva2000 Administrator Staff Member

    30,546
    6,849
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +10,262
    Local Time:
    3:12 AM
    Nginx 1.13.x
    MariaDB 5.5
    still not working for me heh https://community.centminmod.com/posts/45877/
     
  18. BamaStangGuy

    BamaStangGuy Active Member

    473
    137
    43
    May 25, 2014
    Ratings:
    +181
    Local Time:
    11:12 AM
    • Informative Informative x 1
  19. BamaStangGuy

    BamaStangGuy Active Member

    473
    137
    43
    May 25, 2014
    Ratings:
    +181
    Local Time:
    11:12 AM
    I have reenabled gzip and set the compression level at 1. I feel like that is a good compromise for overhead vs keeping network congestion from my server to CloudFlare down.
     
    • Informative Informative x 1
  20. eva2000

    eva2000 Administrator Staff Member

    30,546
    6,849
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +10,262
    Local Time:
    3:12 AM
    Nginx 1.13.x
    MariaDB 5.5
    Note, CRIME and BREACH only apply to HTTPS based requests not non-HTTPS. More explained on BREACH here Anatomy of a cryptographic oracle – understanding (and mitigating) the BREACH attack

    Lets test against cloudflare.com web site via dev ssllabs and testssl tools and compare to Centmin Mod HTTP/2 HTTPS defaults - results should both are migitated for common vulnerabilities though not sure if CRIME, TLS includes BREACH ?

    dev ssllabs SSL Server Test: cloudflare.com (Powered by Qualys SSL Labs)

    cloudflare testssl excerpt for vulnerabilities test
    Code (Text):
     Testing vulnerabilities
    
     Heartbleed (CVE-2014-0160)                not vulnerable (OK), no heartbeat extension
     CCS (CVE-2014-0224)                       not vulnerable (OK)
     Secure Renegotiation (CVE-2009-3555)      not vulnerable (OK)
     Secure Client-Initiated Renegotiation     VULNERABLE (NOT ok), potential DoS threat
     CRIME, TLS (CVE-2012-4929)                not vulnerable (OK) (not using HTTP anyway)
     POODLE, SSL (CVE-2014-3566)               not vulnerable (OK)
     TLS_FALLBACK_SCSV (RFC 7507),             Downgrade attack prevention supported (OK)
     FREAK (CVE-2015-0204)                     not vulnerable (OK)
     DROWN (2016-0800, CVE-2016-0703)          not vulnerable on this port (OK)
                                               make sure you don't use this certificate elsewhere with SSLv2 enabled services
                                               https://censys.io/ipv4?q=BAD392E96D1E8C5772D3AB26B5EF1034B40F760BDC6BBC075265B17020602899 SHA256 12C4A5747ED56E372C87890225E4CD51896D8EAD7D55CF76BFD19B6B746C70D0 SHA256 30BA61012FFE7CEAAF9A148A0CB0C5C852A9C04F4B1C27DB6EFA9919C7F49CCF could help you to find out
     LOGJAM (CVE-2015-4000), experimental      not vulnerable (OK), common primes not checked. See below for any DH ciphers + bit size
     BEAST (CVE-2011-3389)                     TLS1: DES-CBC3-SHA AES128-SHA
                                                     AES256-SHA ECDHE-RSA-DES-CBC3-SHA ECDHE-RSA-AES128-SHA
                                                     ECDHE-RSA-AES256-SHA
                                               VULNERABLE -- but also supports higher protocols (possible mitigation): TLSv1.1 TLSv1.2
     RC4 (CVE-2013-2566, CVE-2015-2808)        no RC4 ciphers detected (OK)
    


    Code (Text):
    ###########################################################
        testssl       2.8pre1 from https://testssl.sh/
        (1.571 2017/02/24 15:30:28)
    
          This program is free software. Distribution and
                 modification under GPLv2 permitted.
          USAGE w/o ANY WARRANTY. USE IT AT YOUR OWN RISK!
    
           Please file bugs @ https://testssl.sh/bugs/
    
    ###########################################################
    
     Using "OpenSSL 1.0.2-chacha (1.0.2k-dev)" [~183 ciphers]
     on 2570dffad70d:/usr/local/http2-15/bin/openssl
     (built: "reproducible build, date unspecified", platform: "linux-x86_64")
    
    
    Testing all IPv4 addresses (port 443): 198.41.215.162 198.41.214.162
    ----------------------------------------------------------------------------------------------------------------------------------------------------------------------
     Start 2017-03-07 13:50:20    -->> 198.41.215.162:443 (cloudflare.com) <<--
    
     further IP addresses:   198.41.214.162 2400:cb00:2048:1::c629:d7a2 2400:cb00:2048:1::c629:d6a2
     rDNS (198.41.215.162):  --
     Service detected:       Couldn't determine what's running on port 443, assuming no HTTP service => skipping all HTTP checks
    
    
     Testing protocols (via sockets except TLS 1.2, SPDY+HTTP2)
    
     SSLv2               not offered (OK)
     SSLv3               not offered (OK)
     TLS 1               offered
     TLS 1.1             offered
     TLS 1.2             offered (OK)
     Version tolerance   downgraded to TLSv1.2 (OK)
     SPDY/NPN            (SPDY is an HTTP protocol and thus not tested here)
     HTTP2/ALPN          (HTTP/2 is a HTTP protocol and thus not tested here)
    
    
     Testing ~standard cipher lists
    
     Null Ciphers                 not offered (OK)
     Anonymous NULL Ciphers       not offered (OK)
     Anonymous DH Ciphers         not offered (OK)
     40 Bit encryption            not offered (OK)
     56 Bit export ciphers        not offered (OK)
     Export Ciphers (general)     not offered (OK)
     Low (<=64 Bit)               not offered (OK)
     DES Ciphers                  not offered (OK)
     "Medium" grade encryption    not offered (OK)
     Triple DES Ciphers           not offered (OK)
     High grade encryption        offered (OK)
    
    
     Testing robust (perfect) forward secrecy, (P)FS -- omitting Null Authentication/Encryption, 3DES, RC4
    
     PFS is offered (OK)          ECDHE-ECDSA-AES128-GCM-SHA256 ECDHE-ECDSA-AES128-SHA256 ECDHE-ECDSA-AES256-GCM-SHA384 ECDHE-ECDSA-AES256-SHA384 ECDHE-ECDSA-CHACHA20-POLY1305-OLD ECDHE-RSA-AES128-GCM-SHA256 ECDHE-RSA-AES128-SHA256 ECDHE-RSA-AES128-SHA ECDHE-RSA-AES256-GCM-SHA384 ECDHE-RSA-AES256-SHA384 ECDHE-RSA-AES256-SHA ECDHE-RSA-CHACHA20-POLY1305-OLD
     Elliptic curves offered:     prime256v1
    
    
     Testing server preferences
    
     Has server cipher order?     yes (OK)
     Negotiated protocol          TLSv1.2
     Negotiated cipher            ECDHE-ECDSA-CHACHA20-POLY1305-OLD, 256 bit ECDH
     Cipher order
        TLSv1:     ECDHE-RSA-AES128-SHA AES128-SHA ECDHE-RSA-AES256-SHA AES256-SHA ECDHE-RSA-DES-CBC3-SHA DES-CBC3-SHA
        TLSv1.1:   ECDHE-RSA-AES128-SHA AES128-SHA ECDHE-RSA-AES256-SHA AES256-SHA
        TLSv1.2:   ECDHE-ECDSA-CHACHA20-POLY1305-OLD ECDHE-ECDSA-AES128-GCM-SHA256 ECDHE-ECDSA-AES128-SHA256 ECDHE-ECDSA-AES128-SHA ECDHE-ECDSA-AES256-GCM-SHA384 ECDHE-ECDSA-AES256-SHA384 ECDHE-ECDSA-AES256-SHA
         SPDY/NPN: (SPDY is an HTTP protocol and thus not tested here)
    
    
     Testing server defaults (Server Hello)
    
     TLS extensions (standard)    "renegotiation info/#65281" "EC point formats/#11" "session ticket/#35" "status request/#5" "server name/#0" "application layer protocol negotiation/#16" "next protocol/#13172"
     Session Tickets RFC 5077     64800 seconds (PFS requires session ticket keys to be rotated <= daily)
     SSL Session ID support       yes
     TLS clock skew               random values, no fingerprinting possible
    
      Server Certificate #1
       Signature Algorithm          SHA256 with RSA
       Server key size              RSA 2048 bits
       Fingerprint / Serial         SHA1 2940BC13ECF7DAF30B9084CC734C3B971D73B3BB / 01BFD1DC15006E0ABBA7C670FF5E1101
                                    SHA256 30BA61012FFE7CEAAF9A148A0CB0C5C852A9C04F4B1C27DB6EFA9919C7F49CCF
       Common Name (CN)             "cloudflare.com"
       subjectAltName (SAN)         "cloudflare.com" "www.cloudflare.com"
       Issuer                       "DigiCert SHA2 Extended Validation Server CA" ("DigiCert Inc" from "US")
       Trust (hostname)             Ok via SAN and CN (works w/o SNI)
       Chain of trust               "/usr/bin/etc/*.pem" cannot be found / not readable
       EV cert (experimental)       yes
       Certificate Expiration       604 >= 60 days (2016-10-28 00:00 --> 2018-11-02 12:00 +0000)
       # of certificates provided   2
       Certificate Revocation List  http://crl3.digicert.com/sha2-ev-server-g1.crl
       OCSP URI                     http://ocsp.digicert.com
       OCSP stapling                offered
    
      Server Certificate #2
       Signature Algorithm          ECDSA with SHA256
       Server key size              ECDSA 256 bits
       Fingerprint / Serial         SHA1 D4ADAB1B95728D3D6E264A7070B11E882FCA7167 / 03613EFFC0FB82D6A4D8458E8F18043A
                                    SHA256 12C4A5747ED56E372C87890225E4CD51896D8EAD7D55CF76BFD19B6B746C70D0
       Common Name (CN)             "cloudflare.com"
       subjectAltName (SAN)         "cloudflare.com" "www.cloudflare.com"
       Issuer                       "DigiCert ECC Extended Validation Server CA" ("DigiCert Inc" from "US")
       Trust (hostname)             Ok via SAN and CN (works w/o SNI)
       Chain of trust               "/usr/bin/etc/*.pem" cannot be found / not readable
       EV cert (experimental)       yes
       Certificate Expiration       604 >= 60 days (2016-10-28 00:00 --> 2018-11-02 12:00 +0000)
       # of certificates provided   2
       Certificate Revocation List  http://crl3.digicert.com/DigiCertECCExtendedValidationServerCA.crl
       OCSP URI                     http://ocsp.digicert.com
       OCSP stapling                offered
    
      Server Certificate #3 (in response to request w/o SNI)
       Signature Algorithm          SHA1 with RSA
       Server key size              RSA 2048 bits
       Fingerprint / Serial         SHA1 D572871BB4A72BBF4D59A7FE465FCA0299F0AEB7 / 05C3D9EBE33EFDCD6C9777A694AEC7E5
                                    SHA256 BAD392E96D1E8C5772D3AB26B5EF1034B40F760BDC6BBC075265B17020602899
       Common Name (CN)             "cloudflare.com"
       subjectAltName (SAN)         "cloudflare.com" "www.cloudflare.com"
       Issuer                       "Compatibility Intermediate CA" ("PKI Services" from "US")
       Trust (hostname)             Ok via SAN and CN
       Chain of trust               "/usr/bin/etc/*.pem" cannot be found / not readable
       EV cert (experimental)       no
       Certificate Expiration       518 >= 60 days (2016-11-04 00:00 --> 2018-08-08 12:00 +0000)
       # of certificates provided   2
       Certificate Revocation List  http://crl3.digicert.com/CompatibilityIntermediateCA.crl
       OCSP URI                     http://ocsp.digicert.com
       OCSP stapling                offered
    
    
     Testing vulnerabilities
    
     Heartbleed (CVE-2014-0160)                not vulnerable (OK), no heartbeat extension
     CCS (CVE-2014-0224)                       not vulnerable (OK)
     Secure Renegotiation (CVE-2009-3555)      not vulnerable (OK)
     Secure Client-Initiated Renegotiation     VULNERABLE (NOT ok), potential DoS threat
     CRIME, TLS (CVE-2012-4929)                not vulnerable (OK) (not using HTTP anyway)
     POODLE, SSL (CVE-2014-3566)               not vulnerable (OK)
     TLS_FALLBACK_SCSV (RFC 7507),             Downgrade attack prevention supported (OK)
     FREAK (CVE-2015-0204)                     not vulnerable (OK)
     DROWN (2016-0800, CVE-2016-0703)          not vulnerable on this port (OK)
                                               make sure you don't use this certificate elsewhere with SSLv2 enabled services
                                               https://censys.io/ipv4?q=BAD392E96D1E8C5772D3AB26B5EF1034B40F760BDC6BBC075265B17020602899 SHA256 12C4A5747ED56E372C87890225E4CD51896D8EAD7D55CF76BFD19B6B746C70D0 SHA256 30BA61012FFE7CEAAF9A148A0CB0C5C852A9C04F4B1C27DB6EFA9919C7F49CCF could help you to find out
     LOGJAM (CVE-2015-4000), experimental      not vulnerable (OK), common primes not checked. See below for any DH ciphers + bit size
     BEAST (CVE-2011-3389)                     TLS1: DES-CBC3-SHA AES128-SHA
                                                     AES256-SHA ECDHE-RSA-DES-CBC3-SHA ECDHE-RSA-AES128-SHA
                                                     ECDHE-RSA-AES256-SHA
                                               VULNERABLE -- but also supports higher protocols (possible mitigation): TLSv1.1 TLSv1.2
     RC4 (CVE-2013-2566, CVE-2015-2808)        no RC4 ciphers detected (OK)
    
    
     Testing all 183 locally available ciphers against the server, ordered by encryption strength
    
    Hexcode  Cipher Suite Name (OpenSSL)       KeyExch.  Encryption Bits
    ------------------------------------------------------------------------
     xcc14   ECDHE-ECDSA-CHACHA20-POLY1305-OLD ECDH 256   ChaCha20  256
     xcc13   ECDHE-RSA-CHACHA20-POLY1305-OLD   ECDH 256   ChaCha20  256
     xc030   ECDHE-RSA-AES256-GCM-SHA384       ECDH 256   AESGCM    256
     xc02c   ECDHE-ECDSA-AES256-GCM-SHA384     ECDH 256   AESGCM    256
     xc028   ECDHE-RSA-AES256-SHA384           ECDH 256   AES       256
     xc024   ECDHE-ECDSA-AES256-SHA384         ECDH 256   AES       256
     xc014   ECDHE-RSA-AES256-SHA              ECDH 256   AES       256
     x9d     AES256-GCM-SHA384                 RSA        AESGCM    256
     x3d     AES256-SHA256                     RSA        AES       256
     x35     AES256-SHA                        RSA        AES       256
     xc02f   ECDHE-RSA-AES128-GCM-SHA256       ECDH 256   AESGCM    128
     xc02b   ECDHE-ECDSA-AES128-GCM-SHA256     ECDH 256   AESGCM    128
     xc027   ECDHE-RSA-AES128-SHA256           ECDH 256   AES       128
     xc023   ECDHE-ECDSA-AES128-SHA256         ECDH 256   AES       128
     xc013   ECDHE-RSA-AES128-SHA              ECDH 256   AES       128
    

    Centmin Mod default HTTP/2 HTTPS testssl excerpt
    Code (Text):
    Testing vulnerabilities
    
     Heartbleed (CVE-2014-0160)                not vulnerable (OK), no heartbeat extension
     CCS (CVE-2014-0224)                       not vulnerable (OK)
     Secure Renegotiation (CVE-2009-3555)      not vulnerable (OK)
     Secure Client-Initiated Renegotiation     VULNERABLE (NOT ok), potential DoS threat
     CRIME, TLS (CVE-2012-4929)                not vulnerable (OK) (not using HTTP anyway)
     POODLE, SSL (CVE-2014-3566)               not vulnerable (OK)
     TLS_FALLBACK_SCSV (RFC 7507),             Downgrade attack prevention supported (OK)
     FREAK (CVE-2015-0204)                     not vulnerable (OK)
     DROWN (2016-0800, CVE-2016-0703)          not vulnerable on this port (OK)
                                               make sure you don't use this certificate elsewhere with SSLv2 enabled services
                                               https://censys.io/ipv4?q=A1039C3118E5828DE5ADAA27975F8FA96B55D83258BEBD3AEAD559F320AA9F73 could help you to find out
     LOGJAM (CVE-2015-4000), experimental      not vulnerable (OK), common primes not checked. See below for any DH ciphers + bit size
     BEAST (CVE-2011-3389)                     TLS1: ECDHE-RSA-AES128-SHA
                                               VULNERABLE -- but also supports higher protocols (possible mitigation): TLSv1.1 TLSv1.2
     RC4 (CVE-2013-2566, CVE-2015-2808)        no RC4 ciphers detected (OK)
    
    
     Testing all 183 locally available ciphers against the server, ordered by encryption strength
    
    Hexcode  Cipher Suite Name (OpenSSL)       KeyExch.  Encryption Bits
    ------------------------------------------------------------------------
     xcc13   ECDHE-RSA-CHACHA20-POLY1305-OLD   ECDH 256   ChaCha20  256
     xc030   ECDHE-RSA-AES256-GCM-SHA384       ECDH 256   AESGCM    256
     xc028   ECDHE-RSA-AES256-SHA384           ECDH 256   AES       256
     xc02f   ECDHE-RSA-AES128-GCM-SHA256       ECDH 256   AESGCM    128
     xc027   ECDHE-RSA-AES128-SHA256           ECDH 256   AES       128
     xc013   ECDHE-RSA-AES128-SHA              ECDH 256   AES       128
    


    cloudflare (left) vs centmin mod http/2 https defaults (right) for dev ssllabs results. Centmin Mod HTTP/2 HTTPS generated vhosts default to disable HSTS as that forces HTTPS on revisits something end users will need to decide for themselves if they want to disable.

    cloudflare-vs-centminmod-https-defaults-01.png

    Edit: also nice article at https://www.sjoerdlangkemper.nl/2016/11/07/current-state-of-breach-attack/

    TLS 1.3 will have more protections for such, Cloudflare already enables TLS 1.3 but Chrome has temporarily disabled TLS 1.3 due to issues with connection hangs. OpenSSL isn't due to add TLS 1.3 support until OpenSSL 1.1.1 comes so current LibreSSL and OpenSSL 1.0.2/1.1.0 doesn't support TLS 1.3. So Nginx can't use TLS 1.3 for HTTPS until OpenSSL 1.1.1 comes around.
     
    Last edited: Mar 8, 2017
    • Like Like x 2