I was looking on cipherli.st and noticed that there are a lot of recommended settings for different HTTP servers. Even further down, you see other software. With that as the backdrop, here’s the questions:
- Are there any recommended/preferred TLS settings for security with Caddy?
- If so, can we push #1 as a pull request to the underlying project page: GitHub - RaymiiOrg/cipherli.st: Ciplerli.st - strong ciphers for NGINX, Apache and Lighttpd
I would even state this would make a compelling sales pitch if you could put a pull request in to say
Caddy Server
No settings needed. Caddy server follows all recommended TLS settings by default, as documented _here_...
etc. etc.