this post was submitted on 25 Dec 2023
31 points (97.0% liked)

homelab

6648 readers
1 users here now

founded 4 years ago
MODERATORS
 

Without SSL on the LAN side of a reverse proxy, I presume that all traffic between the server and the reverse proxy is unencrypted and, thus, accessible to any device on the LAN.

Which specific scenarios result in this being a concern? The primary concern that I can come up with is if you know that there are untrustworthy entities connected to the LAN (untrustworthy devices, or perhaps malicious individuals).

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 1 points 11 months ago (1 children)

Its worth considering to do SNI routing without decryption in the reverse-proxy, but usually it is not a major issue to just terminate.