Public
- Public
- Network
- Groups
- Featured
- Popular
- People

Conversation

Notices

Embed this notice
josh :bocchi_arch: (josh@phocks.eu.org)'s status on Friday, 29-Sep-2023 18:44:57 JST josh :bocchi_arch:

in case anyone needs to add websocket support to their reverse proxy config in nginx you just need to add these lines under your "location":
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_read_timeout 86400;
(silly me for thinking it would be something like websocket_support true)

In conversation about a year ago from phocks.eu.org permalink
- Embed this notice
  Dushman (dushman@den.raccoon.quest)'s status on Friday, 29-Sep-2023 18:44:34 JST Dushman
  in reply to
  
  @josh@phocks.eu.org
  https://github.com/drwetter/testssl.sh
  This is how I know, very nice tool.
  In conversation about a year ago permalink
  Attachments
  1. Domain not in remote thumbnail source whitelist: opengraph.githubassets.com
    
    GitHub - drwetter/testssl.sh: Testing TLS/SSL encryption anywhere on any port
    
    Testing TLS/SSL encryption anywhere on any port . Contribute to drwetter/testssl.sh development by creating an account on GitHub.
  Sexy Moon likes this.
- Embed this notice
  Dushman (dushman@den.raccoon.quest)'s status on Friday, 29-Sep-2023 18:44:35 JST Dushman
  in reply to
  
  @josh@phocks.eu.org
  Btw you have TLS 1 enabled which is a no no, don't do that lol.
  
  In conversation about a year ago permalink
- Embed this notice
  josh :bocchi_arch: (josh@phocks.eu.org)'s status on Friday, 29-Sep-2023 18:44:36 JST josh :bocchi_arch:
  in reply to
  - Dushman
  @dushman awesome. thanks. amazing how much of the world is run on text files
  
  In conversation about a year ago permalink
- Embed this notice
  Dushman (dushman@den.raccoon.quest)'s status on Friday, 29-Sep-2023 18:44:37 JST Dushman
  in reply to
  
  @josh@phocks.eu.org
  Or just the cipher portion. Put this in the http block as well. # Enables the specified protocols. ssl_protocols TLSv1.2 TLSv1.3; # Secure cipher configuration. ssl_ecdh_curve X25519:X448:secp384r1:secp521r1:secp256r1; ssl_ciphers ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256; # You may need to disable this parameter on legacy nginx versions. ssl_conf_command Ciphersuites TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256;
  
  In conversation about a year ago permalink
- Embed this notice
  Dushman (dushman@den.raccoon.quest)'s status on Friday, 29-Sep-2023 18:44:38 JST Dushman
  in reply to
  
  @josh@phocks.eu.org
  here
  In conversation about a year ago permalink
  Attachments
  1. Untitled attachment
- Embed this notice
  Dushman (dushman@den.raccoon.quest)'s status on Friday, 29-Sep-2023 18:44:39 JST Dushman
  in reply to
  
  @josh@phocks.eu.org
  I can send you the whole nginx.conf I made. Includes directives to only support modern and secure ciphers.
  
  In conversation about a year ago permalink
- Embed this notice
  josh :bocchi_arch: (josh@phocks.eu.org)'s status on Friday, 29-Sep-2023 18:44:55 JST josh :bocchi_arch:
  in reply to
  - Dushman
  @dushman woo awesome! Thanks!
  
  In conversation about a year ago permalink
- Embed this notice
  Dushman (dushman@den.raccoon.quest)'s status on Friday, 29-Sep-2023 18:44:57 JST Dushman
  in reply to
  
  @josh@phocks.eu.org
  Just put this in the http block of nginx.conf to have websocket support for everything # Helper variable for proxying websockets. map $http_upgrade $connection_upgrade { default upgrade; '' close; }
  
  In conversation about a year ago permalink

Public

Conversation

Notices

Feeds