restrictions
Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision Next revision | Previous revision | ||
|
restrictions [2013/10/10 22:23] bashfulbladder [How To Add A Restriction] |
restrictions [2019/02/24 20:15] (current) lantis [Access Restrictions] |
||
|---|---|---|---|
| Line 1: | Line 1: | ||
| ====== Access Restrictions ====== | ====== Access Restrictions ====== | ||
| + | |||
| + | Access Restriction up until 1.10.0 only blocked http Traffic. Version 1.11.0 and above now blocks http and https (encrypted) traffic. | ||
| + | |||
| + | This is achieved by leveraging the Server Name Indication (SNI) extension of the TLS1.2 standard in HTTPS authentication. The host name (e.g. example.com) is served in the clear in the packet so that the server knows which certificate to send back to the client. The path (e.g. /foo.html) is only sent once the transmission is fully encrypted. That is to say, we can only match the domain of HTTPS traffic. | ||
| + | SNI is supported by all major browsers and has been gaining proliferation since the mid 2000' | ||
| ===== How To Add A Restriction ===== | ===== How To Add A Restriction ===== | ||
restrictions.1381443833.txt.gz · Last modified: 2013/10/10 22:23 by bashfulbladder
Page Tools
Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International
