prosody-modules: mod_warn_legacy_tls/README.markdown annotate

annotate mod_warn_legacy_tls/README.markdown @ 5906:cc30c4b5f006

mod_audit_auth: Allow suppressing repeated failure/success log entries from the same IP for a time This can be triggered by e.g. a distributed brute force attack, or from Monal.

author	Matthew Wild <mwild1@gmail.com>
date	Mon, 13 May 2024 18:30:18 +0100 (10 months ago)
parents	5073bbd86970
children

rev	line source
3728 5073bbd86970 mod_warn_legacy_tls: Add a README Kim Alvefur <zash@zash.se> parents: diff changeset	1 TLS 1.0 and TLS 1.1 are about to be obsolete. This module warns clients
5073bbd86970 mod_warn_legacy_tls: Add a README Kim Alvefur <zash@zash.se> parents: diff changeset	2 if they are using those versions, to prepare for disabling them.
5073bbd86970 mod_warn_legacy_tls: Add a README Kim Alvefur <zash@zash.se> parents: diff changeset	3
5073bbd86970 mod_warn_legacy_tls: Add a README Kim Alvefur <zash@zash.se> parents: diff changeset	4 # Configuration
5073bbd86970 mod_warn_legacy_tls: Add a README Kim Alvefur <zash@zash.se> parents: diff changeset	5
5073bbd86970 mod_warn_legacy_tls: Add a README Kim Alvefur <zash@zash.se> parents: diff changeset	6 ``` {.lua}
5073bbd86970 mod_warn_legacy_tls: Add a README Kim Alvefur <zash@zash.se> parents: diff changeset	7 modules_enabled = {
5073bbd86970 mod_warn_legacy_tls: Add a README Kim Alvefur <zash@zash.se> parents: diff changeset	8 -- other modules etc
5073bbd86970 mod_warn_legacy_tls: Add a README Kim Alvefur <zash@zash.se> parents: diff changeset	9 "warn_legacy_tls";
5073bbd86970 mod_warn_legacy_tls: Add a README Kim Alvefur <zash@zash.se> parents: diff changeset	10 }
5073bbd86970 mod_warn_legacy_tls: Add a README Kim Alvefur <zash@zash.se> parents: diff changeset	11
5073bbd86970 mod_warn_legacy_tls: Add a README Kim Alvefur <zash@zash.se> parents: diff changeset	12 -- This is the default, you can leave it out if you don't wish to
5073bbd86970 mod_warn_legacy_tls: Add a README Kim Alvefur <zash@zash.se> parents: diff changeset	13 -- customise or translate the message sent.
5073bbd86970 mod_warn_legacy_tls: Add a README Kim Alvefur <zash@zash.se> parents: diff changeset	14 -- '%s' will be replaced with the TLS version in use.
5073bbd86970 mod_warn_legacy_tls: Add a README Kim Alvefur <zash@zash.se> parents: diff changeset	15 legacy_tls_warning = [[
5073bbd86970 mod_warn_legacy_tls: Add a README Kim Alvefur <zash@zash.se> parents: diff changeset	16 Your connection is encrypted using the %s protocol, which has been demonstrated to be insecure and will be disabled soon. Please upgrade your client.
5073bbd86970 mod_warn_legacy_tls: Add a README Kim Alvefur <zash@zash.se> parents: diff changeset	17 ]]
5073bbd86970 mod_warn_legacy_tls: Add a README Kim Alvefur <zash@zash.se> parents: diff changeset	18 ```
5073bbd86970 mod_warn_legacy_tls: Add a README Kim Alvefur <zash@zash.se> parents: diff changeset	19
5073bbd86970 mod_warn_legacy_tls: Add a README Kim Alvefur <zash@zash.se> parents: diff changeset	20 ## Options
5073bbd86970 mod_warn_legacy_tls: Add a README Kim Alvefur <zash@zash.se> parents: diff changeset	21
5073bbd86970 mod_warn_legacy_tls: Add a README Kim Alvefur <zash@zash.se> parents: diff changeset	22 `legacy_tls_warning`
5073bbd86970 mod_warn_legacy_tls: Add a README Kim Alvefur <zash@zash.se> parents: diff changeset	23 : A string. The text of the message sent to clients that use outdated
5073bbd86970 mod_warn_legacy_tls: Add a README Kim Alvefur <zash@zash.se> parents: diff changeset	24 TLS versions. Default as in the above example.
5073bbd86970 mod_warn_legacy_tls: Add a README Kim Alvefur <zash@zash.se> parents: diff changeset	25
5073bbd86970 mod_warn_legacy_tls: Add a README Kim Alvefur <zash@zash.se> parents: diff changeset	26 `legacy_tls_versions`
5073bbd86970 mod_warn_legacy_tls: Add a README Kim Alvefur <zash@zash.se> parents: diff changeset	27 : Set of TLS versions, defaults to
5073bbd86970 mod_warn_legacy_tls: Add a README Kim Alvefur <zash@zash.se> parents: diff changeset	28 `{ "SSLv3", "TLSv1", "TLSv1.1" }`{.lua}, i.e. TLS \< 1.2.

Mercurial > prosody-modules

annotate mod_warn_legacy_tls/README.markdown @ 5906:cc30c4b5f006