Rule from ssl under security category
Passmarked is made out of users just like you who helped supply some content. Click below to contribute to this rule. We need you.Add content to this rule
Server Name Indication (SNI) provides a way for servers to host multiple SSL domains, where in the past only one domain per IP could be configured.
Clients have been defaulting to expecting SNI to be enabled on a server, so to avoid any unexpected behaviour servers should look into enabling SNI. Gaining the extra option of hosting more domains on the same IP, which is a BIG plus.
Olders clients such as Windows XP using MSIE do not support SNI, and enabling could cause issues for clients using those systems. It is thus advised to make a informed decision on this for your specific use case.
Most newer web servers like NGINX / Apache would have SNI enabled by default. Find and disable the command currently disabling the setting.
Apache will make use of SNI when virtual hosts are configured by default as well.
Passmarked works best when you have an account. It allows you to keep a dashboard with saved data of the sites you have run through the system, we’ll alert you about important updates and you get access to the Passmarked Slack forum.Sign up to get started