CloudFlare's server configuration for TLS cipher suites is set in nginx (which we use extensively) with the following configuration command:
ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:EECDH+RC4:RSA+RC4:!MD5;
ssl_prefer_server_ciphers on;
We keep a public repository of our SSL configurations, with changes over time.
Please note that CloudFlare no longer supports RC4 cipher suites for TLS 1.1 and higher http://blog.cloudflare.com/killing-rc4 and has removed RC4 as a preferred cipher altogether http://blog.cloudflare.com/killing-rc4-the-long-goodbye.
Comments
Article is closed for comments.