diff options
| author | Matthew Holt <mholt@users.noreply.github.com> | 2021-02-16 13:31:53 -0700 |
|---|---|---|
| committer | Matthew Holt <mholt@users.noreply.github.com> | 2021-02-16 14:05:31 -0700 |
| commit | fbd00e4b53226164a9aae5f44bd52328d4e59d96 (patch) | |
| tree | d605af61688f312d8c34507528638a3077661303 /modules/caddyhttp/app.go | |
| parent | bafb562991598df703a744e13cbc06472e71349e (diff) | |
Improve security warnings
Diffstat (limited to 'modules/caddyhttp/app.go')
| -rw-r--r-- | modules/caddyhttp/app.go | 5 |
1 files changed, 2 insertions, 3 deletions
diff --git a/modules/caddyhttp/app.go b/modules/caddyhttp/app.go index 42e7725..4f5bc84 100644 --- a/modules/caddyhttp/app.go +++ b/modules/caddyhttp/app.go @@ -176,8 +176,8 @@ func (app *App) Provision(ctx caddy.Context) error { // domain fronting is desired and access is not restricted // based on hostname if srv.StrictSNIHost == nil && srv.hasTLSClientAuth() { - app.logger.Info("enabling strict SNI-Host matching because TLS client auth is configured", - zap.String("server_name", srvName), + app.logger.Warn("enabling strict SNI-Host enforcement because TLS client auth is configured", + zap.String("server_id", srvName), ) trueBool := true srv.StrictSNIHost = &trueBool @@ -283,7 +283,6 @@ func (app *App) Validate() error { } } } - return nil } |