Your SSL/TLS encryption mode

user15657 · June 23, 2022, 5:45pm

Your SSL / TLS encryption mode should I use? I have recently changed these settings and I think it is giving me problems. When I entered that page, I read if I remember correctly “api request blocked” or something similar.

my website: https://bit.ly/3LLNBe1

sandro · June 23, 2022, 5:52pm

The encryption mode generally should be Full Strict. If you have selected a different setting, it is insecure.

If anything got blocked, then it may have been a firewall setting, not the encryption mode.

user15657 · June 24, 2022, 9:15am

I’ve choice full (not string) to better compatibility.

erictung · June 24, 2022, 9:25am

That equals to insecure anyway.

Imagine someone hijacks your IP address (BGP hijack) which routes the traffic to the hacker’s server with an invalid SSL certificate, because you are using non-strict Full mode, your visitors will see the hacker’s website instead of your website.

sandro · June 24, 2022, 9:27am

That’s not better compatibility, that’s no security.

Not sure why you are asking for advice when you are not following it.

sandro · June 24, 2022, 9:38am

Plus it’s all addressed in that article anyhow

No need to open a thread

sandro · June 24, 2022, 10:38am

This topic was automatically closed 60 minutes after the last reply. New replies are no longer allowed.