hardhttps

Make an https server that is more resistant to client-initiated renegotiations, and other common security mistakes.

npm install hardhttps
2 downloads in the last day
5 downloads in the last week
25 downloads in the last month

hardhttps

Make an https server that is more resistant to client-initiated renegotiations, and other common security mistakes.

Not quite an A+ yet, but getting there.

Usage

var https = require('hardhttps')
https.createServer(options, handler)

The API is exactly the same as the built-in https module, but createServer is a little bit tweaked:

  1. If the secureConnection socket has an error, then it is destroyed.
  2. Only the finest TLS ciphers are used.
npm loves you