this post was submitted on 05 Apr 2024
276 points (86.3% liked)

Technology

59402 readers
2904 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS
 

cross-posted from: https://lemmy.ml/post/14100831

"No, seriously. All those things Google couldn't find anymore? Top of the search pile. Queries that generated pages of spam in Google results? Fucking pristine on Kagi – the right answers, over and ov

you are viewing a single comment's thread
view the rest of the comments
[–] unautrenom@jlai.lu 3 points 7 months ago (4 children)

Expose your subdomains as in having all of them bundled into one certificate?

AFAIK, you absolutely can request different certs for each subdomain (in fact, that's what I've been doing for a while).

[–] foggy@lemmy.world -1 points 7 months ago (3 children)

No, as in they are public record.

If you use a wildcard let's encrypt SSL to encrypt www.mydomain.com and VPS.mydomain.com and secret.mydomain.com and allmyporn.mydomain.com, and Plex.mydomain.com, and gitlab.mydomain.com

Then it is public record that mydomain.com has associated with it the CNAMES "www" "VPS" "secret" "allmyporn" "Plex" and "gitlab".

It can be looked up by anyone here. Just type in "%.yourdomain"

That is to say if you use a wildcard letsencrypt SSL on all your subdomains for you self hosting project, you're more exposed than want to be.

[–] Saik0Shinigami@lemmy.saik0.com 1 points 7 months ago (2 children)

No it's not. I have several wildcards. Your tool doesn't show any of the subdomains i have then used on. Go hit %.saik0.com and show me where lemmy.saik0.com shows up. I'll wait.