[Gluster-infra] www.gluster.org attackable by little evil dogs?

Justin Clift justin at gluster.org
Fri Oct 17 16:44:21 UTC 2014

----- Original Message -----
> Le jeudi 16 octobre 2014 à 18:58 -0400, Justin Clift a écrit :
> > Looking at this:
> > 
> >   https://www.ssllabs.com/ssltest/analyze.html?d=gluster.org
> > 
> > It's saying www.gluster.org is still vulnerable to the POODLE
> > attack.
> > 
> > Did we forget to restart the webserver or ?
> Conflicting directive in another file. Should be fixed now.

Thanks Misc, yep that worked.  We're getting an A- now instead of a C
grade.  It's listing two other minor problems, but they don't seem
like something we need to take immediate action over:

  * Certificate uses SHA1. When renewing, ensure you upgrade to SHA256.


  * The server does not support Forward Secrecy with the reference browsers. Grade reduced to A-.


Regards and best wishes,

Justin Clift

GlusterFS - http://www.gluster.org

An open source, distributed file system scaling to several
petabytes, and handling thousands of clients.

My personal twitter: twitter.com/realjustinclift

More information about the Gluster-infra mailing list