User talk:Chew

From EthoWiki
Latest comment: 13 June 2024 by Chew in topic Website Security

Website Security

Hey, as a sysadmin who really cares super strongly about security, I think you should take a look at the server's supported TLS cipher suites to ensure no TLS downgrade attacks. As it stands right now, it allows for TLS 1.0 and TLS 1.1, which are considered insecure. You may want to consider disabling them in your server config. Also consider enabling CSP to protect against XSS attacks. If you're not experienced with any of this stuff, just let me know, I'm happy to help. Thern (talk) 09:41, 13 June 2024 (UTC)

Thanks for pointing this out. I bumped the minimum TLS to 1.2. Chew (talk) 20:04, 13 June 2024 (UTC)
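
Added example (not written by either participant and not part of the wiki's code): one way an operator can confirm, against their own server, that a TLS 1.2 minimum like the one discussed above is actually enforced. The function names `probe`, `assess` and `audit` and the sample result maps are hypothetical and constructed for illustration.

```python
import socket
import ssl

LEGACY = (ssl.TLSVersion.TLSv1, ssl.TLSVersion.TLSv1_1)   # called insecure in the thread
MODERN = (ssl.TLSVersion.TLSv1_2, ssl.TLSVersion.TLSv1_3)

def probe(host, port, version, timeout=5.0):
    """True if the server completes a handshake pinned to `version`, False if it
    refuses, None if the local OpenSSL build cannot offer that version."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False
    ctx.verify_mode = ssl.CERT_NONE   # protocol support is tested here, not trust
    try:
        ctx.minimum_version = version
        ctx.maximum_version = version
        if version in LEGACY:
            ctx.set_ciphers("DEFAULT:@SECLEVEL=0")  # distro policy often blocks these
    except (ValueError, ssl.SSLError):
        return None
    with socket.create_connection((host, port), timeout=timeout) as sock:
        try:
            with ctx.wrap_socket(sock, server_hostname=host):
                return True
        except (ssl.SSLError, OSError):   # alert, reset or close during handshake
            return False

def assess(results):
    """Classify a {TLSVersion: True/False/None} map against a TLS 1.2 minimum."""
    accepted = [v.name for v in LEGACY if results.get(v) is True]
    untested = [v.name for v in LEGACY if results.get(v) is None]
    modern_ok = any(results.get(v) is True for v in MODERN)
    if accepted or not modern_ok:
        status = "fail"            # legacy still negotiable, or nothing modern works
    elif untested:
        status = "inconclusive"    # the client could not offer a legacy version
    else:
        status = "pass"
    return {"status": status, "legacy_accepted": accepted, "untested": untested}

def audit(host, port=443):
    """Probe every version against your own server and classify the outcome."""
    return assess({v: probe(host, port, v) for v in LEGACY + MODERN})

# Constructed sample results, not measurements of any real server.
SAMPLE_BEFORE = dict.fromkeys(LEGACY + MODERN, True)
SAMPLE_AFTER = {**dict.fromkeys(LEGACY, False), **dict.fromkeys(MODERN, True)}

if __name__ == "__main__":
    print(assess(SAMPLE_BEFORE), assess(SAMPLE_AFTER))
```

An "inconclusive" result means the client could not offer TLS 1.0 or 1.1 itself, so the check should be repeated from a machine whose OpenSSL build still supports them.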