aboutsummaryrefslogtreecommitdiffstats
path: root/config/snort
diff options
context:
space:
mode:
authorbmeeks8 <bmeeks8@bellsouth.net>2015-07-03 14:47:01 -0400
committerbmeeks8 <bmeeks8@bellsouth.net>2015-07-03 14:47:01 -0400
commit22fe600ac74fd8cf0d9c802f52ea11e536116125 (patch)
tree0ca14002d41b7bff86d55e3e1b09676fc26319f1 /config/snort
parent89fb04559a6e9bf1f5806bdbf3a351fe725485e9 (diff)
downloadpfsense-packages-22fe600ac74fd8cf0d9c802f52ea11e536116125.tar.gz
pfsense-packages-22fe600ac74fd8cf0d9c802f52ea11e536116125.tar.bz2
pfsense-packages-22fe600ac74fd8cf0d9c802f52ea11e536116125.zip
Use more secure CURL options for rules tarball downloads.
Diffstat (limited to 'config/snort')
-rwxr-xr-xconfig/snort/snort_check_for_rule_updates.php8
1 files changed, 5 insertions, 3 deletions
diff --git a/config/snort/snort_check_for_rule_updates.php b/config/snort/snort_check_for_rule_updates.php
index 842e39d5..19930f27 100755
--- a/config/snort/snort_check_for_rule_updates.php
+++ b/config/snort/snort_check_for_rule_updates.php
@@ -203,9 +203,11 @@ function snort_download_file_url($url, $file_out) {
}
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
- curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; Win64; x64; Trident/6.0)");
- curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
- curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 30);
+ curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 Chrome/43.0.2357.65 Safari/537.36");
+ curl_setopt($ch, CURLOPT_SSL_CIPHER_LIST, "TLSv1.2, TLSv1");
+ curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);
+ curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, true);
+ curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 15);
curl_setopt($ch, CURLOPT_TIMEOUT, 0);
// Use the system proxy server setttings if configured