Cute
Cipherlist.eu Strong Ciphers for Apache, nginx and Lighttpd

Apache

SSLCipherSuite EECDH+AESGCM:EDH+AESGCM
# Requires Apache 2.4.36 & OpenSSL 1.1.1
SSLProtocol -all +TLSv1.3 +TLSv1.2
SSLOpenSSLConfCmd Curves X25519:secp521r1:secp384r1:prime256v1
# Older versions
# SSLProtocol All -SSLv2 -SSLv3 -TLSv1 -TLSv1.1
SSLHonorCipherOrder On
Header always set Strict-Transport-Security "max-age=63072000; includeSubDomains; preload"
Header always set X-Frame-Options DENY
Header always set X-Content-Type-Options nosniff
# Requires Apache >= 2.4
SSLCompression off
SSLUseStapling on
SSLStaplingCache "shmcb:logs/stapling-cache(150000)"
# Requires Apache >= 2.4.11
SSLSessionTickets Off

nginx

ssl_protocols TLSv1.3;# Requires nginx >= 1.13.0 else use TLSv1.2
ssl_prefer_server_ciphers on;
ssl_dhparam /etc/nginx/dhparam.pem; # openssl dhparam -out /etc/nginx/dhparam.pem 4096
ssl_ciphers EECDH+CHACHA20:EECDH+AESGCM:EDH+AESGCM;
ssl_conf_command Ciphersuites TLS_CHACHA20_POLY1305_SHA256:TLS_AES_256_GCM_SHA384:TLS_AES_128_GCM_SHA256;
ssl_conf_command Options PrioritizeChaCha;
ssl_ecdh_curve secp384r1; # Requires nginx >= 1.1.0
ssl_session_timeout  10m;
ssl_session_cache shared:SSL:10m;
ssl_session_tickets off; # Requires nginx >= 1.5.9
ssl_stapling on; # Requires nginx >= 1.3.7
ssl_stapling_verify on; # Requires nginx => 1.3.7
resolver $DNS-IP-1 $DNS-IP-2 valid=300s;
resolver_timeout 5s;
add_header Strict-Transport-Security "max-age=63072000; includeSubDomains; preload";
add_header X-Frame-Options DENY;
add_header X-Content-Type-Options nosniff;
add_header X-XSS-Protection "1; mode=block";

Lighttpd

var.response_header_policy = (
  "strict-transport-security" => "max-age=63072000; includeSubDomains; preload",
  "content-security-policy" => "default-src https:",
  "x-frame-options" => "DENY",
  "x-content-type-options" => "nosniff",
  "x-xss-protection" => "1; mode=block",
  "permissions-policy" => "interest-cohort=()"
)

setenv.set-response-header += var.response_header_policy

Rationale and tutorial on Strong SSL Security on Apache
Rationale and tutorial on Strong SSL Security on nginx
Rationale and tutorial on Strong SSL Security on Lighttpd
Lighttpd TLS documentation

Do you need to (or are forced to) support old / legacy software like IE < 11, Android < 4.4 or Java < 8? Yes, give me a ciphersuite that works with legacy / old software.

Test your SSL config

.

Warning

These examples are meant for sysadmins who have done this before (and sysadmins are forced to support Windows XP with IE < 9, therefore des3cbc), as an easily copy-pastable example, not for newbies who have no idea what all this means. The settings are very secure, but if you don't know what you are doing might make your website and subdomains unavailable for a long, long time (see HSTS). Research what you are doing and think before you act.
Other suggestions

Why?

A+ JAAAAAAAAAA The above ciphers are Copy Pastable in your nginx, Lighttpd or Apache config. These provide Strong SSL Security for all modern browsers, plus you get an A+ on the SSL Labs Test. In short, they set a strong Forward Secrecy enabled ciphersuite, they disable SSLv2, SSLv3, TLSv1, TLSv1.1, they add HTTP Strict Transport Security and X-Frame-Deny headers and they enable OCSP Stapling. (Lighttpd 1.4.56 and later supports OCSP Stapling with additional config option ssl.stapling-file).
Using IIS? Check out IIS Crypto. Other software like Zeus, Tomcat? Detailed info? Read the Mozilla Page.
Cipherlist.eu is made by Remy van Elst (Raymii.org) & Juerd (not the server admin, suggestions to Remy or as pull request) after the idea spawned at a Privacy Cafe at Revspace. The image is Public Domain from here. Feedback here please. Source code here.

Tweet

Facebook

dislike this on facebook

Other Software

Pull requests for other software welcome

haproxy 2.x

global
   ssl-default-bind-options no-sslv3 no-tlsv10 no-tlsv11 no-tls-tickets
   ssl-default-bind-ciphers EECDH+AESGCM:EDH+AESGCM
   tune.ssl.default-dh-param 2048

frontend http-in
      mode http
      option httplog
      option forwardfor
      option http-server-close
      option httpclose
      bind $YOUR_IP:80
      redirect scheme https code 301 if !{ ssl_fc }

frontend https-in
    option httplog
    option forwardfor
    option http-server-close
    option httpclose
    http-response add-header Strict-Transport-Security max-age=31536000;\ includeSubDomains;\ preload
    http-response add-header X-Frame-Options DENY
    bind $YOUR_IP:443 ssl crt /etc/haproxy/haproxy.pem curves X25519:secp521r1:secp384r1:prime256v1 ciphers EECDH+AESGCM:EDH+AESGCM no-sslv3 no-tlsv10 no-tlsv11

Postfix

smtpd_use_tls = yes
smtpd_tls_security_level = may
smtpd_tls_auth_only = yes
smtpd_tls_cert_file = /etc/ssl/postfix.cert
smtpd_tls_key_file = /etc/ssl/postfix.key
smtpd_tls_mandatory_protocols = !SSLv2,!SSLv3,!TLSv1,!TLSv1.1
smtpd_tls_protocols = !SSLv2,!SSLv3,!TLSv1,!TLSv1.1
smtpd_tls_mandatory_ciphers = medium
tls_medium_cipherlist = EECDH+AESGCM:EDH+AESGCM
tls_preempt_cipherlist = yes

Exim

tls_certificate = /etc/exim.cert
tls_privatekey = /etc/exim.key
tls_advertise_hosts = *
tls_require_ciphers = EECDH+AESGCM:EDH+AESGCM
openssl_options = +no_sslv2 +no_sslv3

ProFTPd

TLSEngine on
TLSLog /var/ftpd/tls.log
TLSProtocol TLSv1.2
TLSRequired on
TLSCipherSuite EECDH+AESGCM:EDH+AESGCM
TLSRSACertificateFile /etc/proftpd.cert
TLSRSACertificateKeyFile /etc/proftpd.key

Dovecot

ssl = yes
ssl_cert = </etc/dovecot.cert
ssl_key = </etc/dovecot.key
ssl_min_protocol = TLSv1.2
ssl_cipher_list = EECDH+AESGCM:EDH+AESGCM
ssl_prefer_server_ciphers = yes
ssl_dh = </etc/dhparam.pem # openssl dhparam -out /etc/dhparam.pem 4096

Hitch TLS Proxy

ciphers = "EECDH+AESGCM:EDH+AESGCM"
prefer-server-ciphers = on

Cyrus IMAP

tls_server_cert: /etc/ssl/private/cyrus.crt
tls_server_key: /etc/ssl/private/cyrus.key
tls_client_ca_file: /etc/ssl/private/intermediate.pem
tls_ciphers: EECDH+AESGCM:EDH+AESGCM
tls_versions: tls1_2

Squid Reverse Proxy

https_port 443 accel defaultsite=reverse.example.com vhost \
  cert=/etc/pki/tls/certs/star.example.com.crt \
  key=/etc/pki/tls/private/star.example.com.key \
  cafile=/etc/pki/tls/certs/CA.crt \
  options=NO_SSLv2,NO_SSLv3,NO_TLSv1,NO_TLSv1_1,SINGLE_DH_USE,SINGLE_ECDH_USE,CIPHER_SERVER_PREFERENCE,No_Compression,NO_TICKET \
  cipher=ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-GCM-SHA256:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS:!RC4 \
  tls-dh=prime256v1:/etc/pki/tls/certs/dhparams.pem

cache_peer 192.168.0.10 parent 443 0 no-query originserver login=PASS no-digest ssl ssldomain=*.example.com

Zarafa

These settings can be set in /etc/zarafa/server.cfg and gateway.cfg. 
server_ssl_protocols = !SSLv2 !SSLv3 !TLSv1 !TLSv1.1  # >= Debian 7 / CentOS 7
server_ssl_ciphers = EECDH+AESGCM:EDH+AESGCM
server_ssl_prefer_server_ciphers = yes or no

MySQL

[mysqld]
ssl-ca=/etc/mysql-ssl/ca-cert.pem
ssl-cert=/etc/mysql-ssl/server-cert.pem
ssl-key=/etc/mysql-ssl/server-key.pem
ssl-cipher=EECDH+AESGCM:EDH+AESGCM
# replication:
GRANT REPLICATION SLAVE ON *.* to ‘repl’@’%’ REQUIRE SSL;
STOP SLAVE;
CHANGE MASTER MASTER_SSL=1,
MASTER_SSL_CA=’/etc/mysql-ssl/ca-cert.pem’,
MASTER_SSL_CERT=’/etc/mysql-ssl/client-cert.pem’,
MASTER_SSL_KEY=’/etc/mysql-ssl/client-key.pem';
SHOW SLAVE STATUS\G;
START SLAVE;
SHOW SLAVE STATUS\G;

DirectAdmin

ssl_cipher=EECDH+AESGCM:EDH+AESGCM
SSL=1
cacert=/usr/local/directadmin/conf/cacert.pem
cakey=/usr/local/directadmin/conf/cakey.pem
carootcert=/usr/local/directadmin/conf/carootcert.pem

Postgresql

ssl = on
ssl_ciphers = 'EECDH+AESGCM:EDH+AESGCM'
password_encryption = on

OpenSSH Server

Protocol 2
HostKey /etc/ssh/ssh_host_ed25519_key
HostKey /etc/ssh/ssh_host_rsa_key
HostKeyAlgorithms ssh-ed25519,rsa-sha2-512,rsa-sha2-256
KexAlgorithms curve25519-sha256@libssh.org,curve25519-sha256,diffie-hellman-group18-sha512,diffie-hellman-group16-sha512,diffie-hellman-group14-sha256,diffie-hellman-group-exchange-sha256
Ciphers chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr
MACs hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,umac-128-etm@openssh.com

OpenSSH Client

HashKnownHosts yes
Host *
  ConnectTimeout 30
  HostKeyAlgorithms ssh-ed25519,rsa-sha2-512,rsa-sha2-256
  KexAlgorithms curve25519-sha256@libssh.org,curve25519-sha256,diffie-hellman-group18-sha512,diffie-hellman-group16-sha512,diffie-hellman-group14-sha256,diffie-hellman-group-exchange-sha256
  MACs hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,umac-128-etm@openssh.com
  Ciphers chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr
  ServerAliveInterval 10
  ControlMaster auto
  ControlPersist yes
  ControlPath ~/.ssh/socket-%r@%h:%p

Golang Server

package main

import (
    "crypto/tls"
    "log"
    "net/http"
)

func main() {
    mux := http.NewServeMux()
    mux.HandleFunc("/", func(w http.ResponseWriter, req *http.Request) {
        w.Header().Add("Strict-Transport-Security", "max-age=63072000; includeSubDomains")
        w.Write([]byte("This is an example server.\n"))
    })
    cfg := &tls.Config{
        MinVersion:               tls.VersionTLS12,
        CurvePreferences:         []tls.CurveID{tls.CurveP521, tls.CurveP384, tls.CurveP256},
        PreferServerCipherSuites: true,
        CipherSuites: []uint16{
            tls.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
            tls.TLS_RSA_WITH_AES_256_GCM_SHA384,
        },
    }
    srv := &http.Server{
        Addr:         ":443",
        Handler:      mux,
        TLSConfig:    cfg,
        TLSNextProto: make(map[string]func(*http.Server, *tls.Conn, http.Handler), 0),
    }
    log.Fatal(srv.ListenAndServeTLS("tls.crt", "tls.key"))
}

UniFi Controller

unifi.https.ciphers=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
unifi.https.sslEnabledProtocols=TLSv1.2

coTURN server

cipher-list="EECDH+AESGCM:EDH+AESGCM"
ec-curve-name=secp384r1
dh2066
no-tlsv1
no-tlsv1_1

Traefik TLSOptions values.yaml

tlsOptions: 
	default:
		preferServerCipherSuites: true
		cipherSuites:
			- EECDH+AESGCM:EDH+AESGCM
		minVersion: VersionTLS13
		curvePreferences:
			- secp384r1