[Progress Communities] [Progress OpenEdge ABL] Forum Post: RE: Redirect https to AJP13

Status
Not open for further replies.
T

Tim Hutchens

Guest
I think we are essentially in the same boat. It felt like Progress was recommending the AJP approach (for multiple reasons including load balancing, I think), so I'm waiting to hear what they recommend next. It seems like the immediate recommendation would be to fall back to HTTPS proxies, but like you mentioned, I'd prefer not to manage certificates on my PASOE servers. The NIST vulnerability David Cleary referenced ( NVD - CVE-2020-1938 ) seems to be flagged as a high risk, but perhaps the way your application is written, it doesn't expose the high risk part (such as if your application doesn't have any file upload feature that stores the files in the application directories), you may feel that the risk in your environment is not worth abandoning AJP. Tim

Continue reading...
 
Status
Not open for further replies.

Similar threads

J
  • Locked
[Progress News] [Progress OpenEdge ABL] Risk Management in Financial Services: Enhancing Decision-Making with Progress Corticon
Replies
0
Views
660
John Iwuozor
J
G
  • Locked
[Progress Communities] [Progress OpenEdge ABL] Forum Post: RE: Redirect https to AJP13
Replies
0
Views
671
goo
G
J
  • Locked
[Progress News] [Progress OpenEdge ABL] Progress Academy: Powering the Next Generation of OpenEdge Developers
Replies
0
Views
190
Joelle Andrews
J
S
  • Locked
[Progress News] [Progress OpenEdge ABL] Recommended Reading for Web Designers in 2024
Replies
0
Views
505
Suzanne Scacca
S
J
  • Locked
[Progress News] [Progress OpenEdge ABL] Navigating Regulatory Compliance Challenges in Financial Services with Progress Corticon
Replies
0
Views
453
John Iwuozor
J
Top