Y
Hacker News
new
|
ask
|
show
|
jobs
by
drzaiusx11
32 days ago
Requiring a reverse proxy for TLS is pretty standard, but the rest of those findings are egregious (if they haven't been addressed yet.)
1 comments
akerl_
32 days ago
The part I found jarring was that it will totally do TLS for you but using a TLS stack they don’t recommend, and if you put it behind a reverse proxy you also need to know to do custom log redaction to avoid logging tokens.
link