G
goo
Guest
Thanks Tim Sendt fra min iPad 13. apr. 2020 kl. 15:20 skrev Tim Hutchens : Update from Progress Community Tim Hutchens I think we are essentially in the same boat. It felt like Progress was recommending the AJP approach (for multiple reasons including load balancing, I think), so I'm waiting to hear what they recommend next. It seems like the immediate recommendation would be to fall back to HTTPS proxies, but like you mentioned, I'd prefer not to manage certificates on my PASOE servers. The NIST vulnerability David Cleary referenced ( NVD - CVE-2020-1938 ) seems to be flagged as a high risk, but perhaps the way your application is written, it doesn't expose the high risk part (such as if your application doesn't have any file upload feature that stores the files in the application directories), you may feel that the risk in your environment is not worth abandoning AJP. Tim View online You received this notification because you subscribed to the forum. To unsubscribe from only this thread, go here . Flag this post as spam/abuse.
Continue reading...
Continue reading...