
Topic: Fix website TLS (Read 477 times)

January 25, 2014, 07:14:19 PM
#1
Whenever you get a chance, it would be great if you could fix your TLS to prevent the CRIME attack by disabling TLS compression, and disable Client-Initiated Renegotiation, which is insecure and can lead to somebody DoS attacking the site. You should also blacklist junk cipher suites with DES like TLS_RSA_WITH_DES_CBC_SHA and TLS_DHE_RSA_WITH_DES_CBC_SHA; they are completely useless and shouldn't be supported.

Even though most browsers disable TLS compression, might as well not run it server side anyway.
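
The three requests in the post above, as an added example that is not part of the original post: a hardened server context for Python's `ssl` module, plus an audit helper that reports which of the three items still apply. The function names and the `SCANNED` list are constructed for illustration; nothing here reflects the site's actual server software.

```python
import ssl

def is_single_des(name):
    """True for single-DES suites in IANA or OpenSSL spelling.
    3DES names (DES-CBC3-SHA, ..._3DES_EDE_CBC_SHA) do not match."""
    return "DES-CBC-" in name.upper().replace("_", "-")

def des_suites(names):
    """Filter a list of suite names (e.g. scanner output) down to single DES."""
    return [n for n in names if is_single_des(n)]

def audit(ctx):
    """Return which of the post's three findings apply to an SSLContext."""
    findings = []
    if not ctx.options & ssl.OP_NO_COMPRESSION:
        findings.append("tls-compression-enabled")   # CRIME precondition
    if not ctx.options & ssl.OP_NO_RENEGOTIATION:
        findings.append("renegotiation-allowed")
    if des_suites(c["name"] for c in ctx.get_ciphers()):
        findings.append("single-des-enabled")
    return findings

def hardened_server_context():
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    ctx.options |= ssl.OP_NO_COMPRESSION
    # Refuses all renegotiation on TLS 1.2 and earlier, which covers the
    # client-initiated case the post asks about.
    ctx.options |= ssl.OP_NO_RENEGOTIATION
    # !DES drops single-DES suites on OpenSSL builds that still ship them.
    ctx.set_ciphers("HIGH:!aNULL:!eNULL:!DES")
    return ctx

def weakened_server_context():
    """Constructed counter-example with both option bits cleared."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    ctx.options &= ~ssl.OP_NO_COMPRESSION
    ctx.options &= ~ssl.OP_NO_RENEGOTIATION
    return ctx

# Constructed sample of suite names as a scanner might list them.
SCANNED = ["TLS_RSA_WITH_DES_CBC_SHA", "TLS_DHE_RSA_WITH_DES_CBC_SHA",
           "TLS_RSA_WITH_3DES_EDE_CBC_SHA", "ECDHE-RSA-AES128-GCM-SHA256"]

if __name__ == "__main__":
    print("weakened:", audit(weakened_server_context()))
    print("hardened:", audit(hardened_server_context()))
    print("DES suites in scan:", des_suites(SCANNED))
```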