After migrating our multi-tenant application to an nginx reverse proxy which has SNI requirements, I encountered an interesting issue while doing some security clean up after a routine PCI scan. As I understand it, SNI is part of the TLSv1.1 protocol, however we discovered that nginx SNI does not work without the TLSv1 protocol being enabled. Steps to reproduce: 1. ssl_protocols TLSv1 TLSby spuniun - How to...
Recently began migration of Apache vhosting environment behind hardware load balancers to nginx/php-fpm. One of our applications is being load balanced between two CakePHP backends and depends on sessionid persistence. I have not moved forward with compiling the sticky module as of yet because it seemed that ip_hash would be enough to accomplish the same end results (I understand there are fairneby spuniun - How to...
![]() |
![]() |
![]() |
![]() |
|