On 18.10.2014 16:37, David Coulson wrote:
You mean like this?
http://blog.haproxy.com/2014/10/15/haproxy-and-sslv3-poodle-vulnerability/
On 10/18/14, 10:34 AM, Malcolm Turnbull wrote:
I was thinking Haproxy could be used to block any non-TLS
connection....
Like you can with iptables:
https://blog.g3rt.nl/take-down-sslv3-using-iptables.html
However it would be nice if you had users trying to connect via IE6/7
etc on XP to display a nice message like, please upgrade to a secure
browser chrome or firefox etc?
Is that easy to do?
Is something like this also possible with SNI or strict-SNI enabled? I
would like to issue a message when a browser doesn't support SNI.
Sander
