hbbio
commented
7 years ago Thanks. This is done in the forthcoming version.
Open tiangolo opened 7 years ago
hbbio
commented
7 years ago Thanks. This is done in the forthcoming version.
Security: PEPS is vulnerable to a POODLE attack, as it has enabled SSL v3
Opening:
https://www.ssllabs.com/ssltest/analyze.html?d=+<domain with PEPS>scans the server for security risks.A simple way to fix this would be to enable simple direct HTTP access and then letting users put a termination TLS proxy (as a HAProxy) instead of implementing TPS in PEPS' code.
It would also be simpler to configure encryption with Let's Encrypt using an additional proxy than trying to update the certificates used by PEPS in its implementation of TLS.