In short, YES! Our secure server is equipped with a number of anti-hammer methods, impersonation (threads run with the permissions of a specific user), extensive logging and not to mention support for both FTPS (TLS/SSL) as well as SFTP (v3-v6) and support for a wide range of encryption algorithms as well as self signed or purchased certificates: It is secure! We also have several research labs, government organisations, Fortune 500 companies, defence contractors as well as payment transaction firms using ProVide. And of course with more than 3 Million downloads a few others to!
Perfect score at Qualys SSL Labs official test
After implementing the following in ProVide it is now possible to configure the server to achieve a perfect score at Qualys SSL Labs official test.
- Added ability to prioritize specified elliptic curves for SSL negotiations
- Updated internal security and encryption mechanisms
- Implemented support for HTTP Strict Transport Security.
- Implemented support to individually enable/disable SSL/TLS protocols (SSL v2, SSL v3, TLS v1, TLS v1.1, TLS v1.2).
- Implemented support for forward secrecy with most browsers.
- Improved support for completely loading chain certificates including intermediate.
- Improved support for individually enable/disable SSL/TLS ciphers.
- Improved support for renegotiation (allow secure, disable client-initiated).
Requirements
- Latest version of ProVide
- Purchased certificate, either a rsa-4096 or ecdsa-p384
- For instructions on how to achieve high security, visit this page Achieving high security
