[Gluster-infra] www.gluster.org attackable by little evil dogs?
justin at gluster.org
Fri Oct 17 16:44:21 UTC 2014
----- Original Message -----
> Le jeudi 16 octobre 2014 à 18:58 -0400, Justin Clift a écrit :
> > Looking at this:
> > https://www.ssllabs.com/ssltest/analyze.html?d=gluster.org
> > It's saying www.gluster.org is still vulnerable to the POODLE
> > attack.
> > Did we forget to restart the webserver or ?
> Conflicting directive in another file. Should be fixed now.
Thanks Misc, yep that worked. We're getting an A- now instead of a C
grade. It's listing two other minor problems, but they don't seem
like something we need to take immediate action over:
* Certificate uses SHA1. When renewing, ensure you upgrade to SHA256.
* The server does not support Forward Secrecy with the reference browsers. Grade reduced to A-.
Regards and best wishes,
GlusterFS - http://www.gluster.org
An open source, distributed file system scaling to several
petabytes, and handling thousands of clients.
My personal twitter: twitter.com/realjustinclift
More information about the Gluster-infra