digitalautonomy / wahay

an easy-to-use, secure and decentralized conference call application (this repository is a mirror of an internal work repository)
https://wahay.org
GNU General Public License v3.0

Hardenize The Website #23

Closed Nurmagoz closed 3 years ago

Nurmagoz commented 3 years ago

Checking the website security configurations through:

Website TLS/DNS/Headers... need to have a lot of improvements; hope these reports show where/what work needs to be done.

rafaelbonifaz commented 3 years ago

Thanks a lot @TNTBOMBOM, with @peterpalau we had hardenized the website. The only thing that is missing at the time is HSTS preload, we are waiting for our submission to be approved in hstspreload.org.

Nurmagoz commented 3 years ago

I hope as well to see if you can have DNSSEC and CAA (both recommended as mandatory). And it might be a good idea as well for future security to have ESNI effective (from the user side), which requires TLS 1.3 to be enabled on the server side.

You're welcome anytime :)
