Posted: 2/22/2020 4:03:22 PM EDT
Link Posted: 2/27/2020 6:14:56 AM EDT
[#1]
Link Posted: 2/27/2020 2:00:46 PM EDT
[#2]
Link Posted: 2/27/2020 2:49:22 PM EDT
[#3]
Link Posted: 2/29/2020 3:13:36 AM EDT
[#4]
Link Posted: 9/5/2020 4:46:22 PM EDT
[#5]
Quoted:
AWS doesn't have 1.3 support available yet, but we can shut off 1.1. The issue is always that someone will be impacted by it. (There's always someone!!!)

@Goatboy

Does AWS still not support TLS 1.3? It's been out for over 2 years now and almost all major sites support it. Seems weird that AWS wouldn't by now. It's a really big jump in security and speed over 1.2.

All major browsers were supposed to have ended support for TLS 1.0/1.1 at the beginning of the year, but COVID delayed that. It's still supposed to happen before the end of the year.
Link Posted: 9/5/2020 9:38:11 PM EDT
[#6]
AWS just put this out. Not sure if it applies here, though.

https://aws.amazon.com/about-aws/whats-new/2020/09/cloudfront-tlsv1-3-support/

Amazon CloudFront announces support for TLSv1.3 for viewer connections

Posted On: Sep 3, 2020

Amazon CloudFront now supports TLSv1.3 for improved performance and security. Amazon CloudFront is a global content delivery network (CDN) that enables you to securely distribute content to viewers with low latency and high availability. Amazon CloudFront supports HTTPS using Transport Layer Security (TLS) to encrypt and secure communication between your viewer clients and CloudFront. TLSv1.3 is the latest version of TLS.

Better Performance

TLSv1.3 provides better performance with a simpler handshake process that requires fewer roundtrips. TLSv1.3 requires one round-trip (1-RTT) compared to TLSv1.2 that requires two round trips (2-RTT) to negotiate a new secure connection which translates into real-world performance improvements with lower first byte latency. In our own internal tests in the US region as an example, first byte latency for new negotiated connections saw reductions of up to 33% for TLSv1.3 compared to previous versions of TLS.

Security Improvements

TLSv1.3 removes legacy features and older cipher suites that are present in previous versions of TLS. TLSv1.3 also supports only PFS (perfect forward secrecy) cipher suites that generate a one-time key used only for the current network session.

TLSv1.3 is available today and enabled by default across all Amazon CloudFront security policies options. No additional changes are required to your CloudFront configuration to benefit from the security and performance improvements of TLSv1.3 for your viewer connections. While most modern web browsers already support TLSv1.3, clients that do not will automatically negotiate to the client's highest supported TLS version (TLS 1.2, 1.1, or 1). You may select a minimum supported security policy when using a custom SSL certificate.

To learn more about supported protocols and ciphers between viewers and CloudFront, see the CloudFront Developer Guide. To learn more about Amazon CloudFront, visit our product page.
