diff options
| author | bmeeks8 <bmeeks8@bellsouth.net> | 2015-07-22 20:43:01 -0400 |
|---|---|---|
| committer | bmeeks8 <bmeeks8@bellsouth.net> | 2015-07-22 20:43:01 -0400 |
| commit | bfc2bbc091587f5b9ed0f0c8476c63ff6640bda6 (patch) | |
| tree | bb5a238f54b24784bbba5c082415e9e1483ab6a0 /config/suricata | |
| parent | afba4e722681c35163ec48b7cacffa8b8cb88e5f (diff) | |
| download | pfsense-packages-bfc2bbc091587f5b9ed0f0c8476c63ff6640bda6.tar.gz pfsense-packages-bfc2bbc091587f5b9ed0f0c8476c63ff6640bda6.tar.bz2 pfsense-packages-bfc2bbc091587f5b9ed0f0c8476c63ff6640bda6.zip | |
Use more secure CURL options for rules tarball downloads.
Diffstat (limited to 'config/suricata')
| -rw-r--r-- | config/suricata/suricata_check_for_rule_updates.php | 8 |
1 files changed, 5 insertions, 3 deletions
diff --git a/config/suricata/suricata_check_for_rule_updates.php b/config/suricata/suricata_check_for_rule_updates.php index 9360d464..67334957 100644 --- a/config/suricata/suricata_check_for_rule_updates.php +++ b/config/suricata/suricata_check_for_rule_updates.php @@ -196,9 +196,11 @@ function suricata_download_file_url($url, $file_out) { } curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true); - curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; Win64; x64; Trident/6.0)"); - curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false); - curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 30); + curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 Chrome/43.0.2357.65 Safari/537.36"); + curl_setopt($ch, CURLOPT_SSL_CIPHER_LIST, "TLSv1.2, TLSv1"); + curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true); + curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, true); + curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 15); curl_setopt($ch, CURLOPT_TIMEOUT, 0); // Use the system proxy server setttings if configured |