Close
Page 3 of 3 FirstFirst 123
Results 21 to 22 of 22
  1. #21
    Anthony Weiner of COAR cfortune's Avatar
    Join Date
    Mar 2010
    Location
    Thornton
    Posts
    1,268

    Default

    Quote Originally Posted by J View Post
    And SSLv3 disabled now too. Not that I worry about it as much here, we are providing basic privacy security for posters, not protecting financial or ultra-sensitive information. Had already done that on all of my eCommerce sites/clients.
    Yeah, I neglected to add "not that it matters much for this site".
    My Feedback

    Quote Originally Posted by TDYRanger View Post
    HK's are made by magic Nordic Valkyrie's, forged in the Valhalla and personally hammer stamped by Odin. The shipping cost from Valhalla is ridiculous thus the extra cost. But Valkyrie craftsmanship is really the top of the top

  2. #22
    Machine Gunner
    Join Date
    Oct 2009
    Location
    SE Denver
    Posts
    2,197

    Default

    Quote Originally Posted by cfortune View Post
    Cert just expired at 10:00 something AM today and trot is right, no difference in the security of the site prior to 10:00.

    When you do a renewal, make sure to have your certificate authority do a SHA-256 certificate. Chrome and local cert stores for Microsoft (I think anyway, haven't looked too much into this) will start throwing certificate errors sometime in November. That's what Google has ball parked for their release which will enforce this. I just got done replacing all our certificates at work because of this.

    Also, SSL v3 has a vulnerability right now and TLS without v3 fallback should be configured.
    This is good advice. The new certificate is unfortunately SHA1 still. Edit: Nevermind, was looking at the thumbprint.
    Last edited by DeusExMachina; 10-23-2014 at 09:23.
    Keep Calm and Carry.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •