[HTTPS-Everywhere] Fwd: URGENT! BROKEN SSL MitM Vulnerability for HTTPS Everywhere --- RE: HTTPS Everywhere doesn't cover all Facebook sub domains
Chris Palmer
chris at eff.org
Fri May 6 18:08:26 PDT 2011
On May 6, 2011, at 12:58 PM, Daniel Kahn Gillmor wrote:
> RewriteEngine On
> RewriteCond %{SSL:SSL_PROTOCOL} =SSLv2
> RewriteRule .* http://some.other.site/explanation-why-sslv2-is-bad
Thanks Dan! This worked except I had to remove the "=". It should work, but I found that it didn't, and that the more general "SSLv2" does work. Awesome!
--
Chris Palmer
Technology Director, Electronic Frontier Foundation
https://www.eff.org/code
More information about the HTTPS-everywhere
mailing list