Apache 2.4 Webserver

Certificate

Pin domain to certification authority https://blog.qualys.com/ssllabs/2017/03/13/caa-mandated-by-cabrowser-forum

TLS1.3 Support on OpenSSL (in development)

A good explanation why TLS1.3 is great https://blog.cloudflare.com/tls-1-3-overview-and-q-and-a

Test connection in your browser with a TLS1.3 only server https://tls13.crypto.mozilla.org

Man in the Middle Attacks (MITM)

So far it is not clear if TLS1.3 will effectively warn and disallow man in the middle attacks of so called security boxes. These boxes are mostly outdated security voodoo and make web traffic insecure without warning the users that this will allow the security box admin to read all web traffic including passwords.

Firewall

Open port check see https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/3/html/Security_Guide/s1-server-ports.html

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.