Kitz ADSL Broadband Information
adsl spacer  
Support this site
Home Broadband ISPs Tech Routers Wiki Forum
 
     
   Compare ISP   Rate your ISP
   Glossary   Glossary
 
Please login or register.

Login with username, password and session length
Advanced search  

News:

Author Topic: https upgrade  (Read 2824 times)

Weaver

  • Senior Kitizen
  • ******
  • Posts: 11459
  • Retd s/w dev; A&A; 4x7km ADSL2 lines; Firebrick
https upgrade
« on: April 25, 2019, 11:57:08 PM »

Say I have a web server that supports TLS. If a user connects with http 1.x not https, then can I force them to upgrade to https or die? That is, not accepting ‘no’ for an answer, so telling them to get stuffed if they claim they just can’t speak https?

Is the same true now for older https family protocols ? So could you ban SSL 3.0 or lower, ir even ban anything below TLS 1.2
Logged

Chrysalis

  • Content Team
  • Addicted Kitizen
  • *
  • Posts: 7382
  • VM Gig1 - AAISP L2TP
Re: https upgrade
« Reply #1 on: April 26, 2019, 08:32:44 PM »

yes you can add a redirect to https if someone accesses via http, which would of course make them fail if they either dont talk https or they reject all your ciphers.

You can also only allow specific protocols.

Some more info here.

https://raymii.org/s/tutorials/Strong_SSL_Security_On_Apache2.html

Let me know if you need it for a different webserver.
Logged

kitz

  • Administrator
  • Senior Kitizen
  • *
  • Posts: 33879
  • Trinity: Most guys do.
    • http://www.kitz.co.uk
Re: https upgrade
« Reply #2 on: April 27, 2019, 02:09:17 AM »

I do what Chrys recommends.   I redirect all http to https.
Logged
Please do not PM me with queries for broadband help as I may not be able to respond.
-----
How to get your router line stats :: ADSL Exchange Checker