标签

 security 

相关的文章:

Percona Database Performance Blog -

Enhancing PostgreSQL Security: How to Encrypt the pgBackRest Repository

Encryption is the process of turning data into an unrecognizable format unless the necessary password (also known as passphrase) or decryption key is provided.This blog describes how to encrypt the pgBackRest repository. pgBackRest is the backup tool used to perform Postgres database backup, restoration, and point-in-time recovery (PITR). The repository is where pgBackRest stores backups […]

AI生成摘要 本文介绍了如何加密pgBackRest存储库的过程。pgBackRest是用于执行Postgres数据库备份、恢复和时间点恢复(PITR)的备份工具。存储库是pgBackRest存储备份和归档WAL段的地方。pgBackRest将根据用户提供的密码对存储库进行加密,从而防止未经授权访问存储在存储库中的数据。在演示中,假设pgBackRest已经安装和配置在专用备份节点上,并配置为从远程数据库节点进行备份。将配置存储库的密码类型和密钥以演示加密。

相关推荐 去reddit讨论

GitLab -

GitLab Security Release: 16.6.1, 16.5.3, 16.4.3

Today we are releasing versions 16.6.1, 16.5.3, 16.4.3 for GitLab Community Edition (CE) and Enterprise Edition (EE). These versions contain important security fixes, and we strongly recommend that all GitLab installations be upgraded to one of these versions immediately. GitLab.com is already running the patched version. GitLab releases patches for vulnerabilities in dedicated security releases. There are two types of security releases: a monthly, scheduled security release, released a week after the feature release (which deploys on the 3rd Thursday of each month), and ad-hoc security releases for critical vulnerabilities. For more information, you can visit our security FAQ. You can see all of our regular and security release blog posts here. In addition, the issues detailing each vulnerability are made public on our issue tracker 30 days after the release in which they were patched. We are dedicated to ensuring all aspects of GitLab that are exposed to customers or that host customer data are held to the highest security standards. As part of maintaining good security hygiene, it is highly recommended that all customers upgrade to the latest security release for their supported version. You can read more best practices in securing your GitLab instance in our blog post. Recommended Action We strongly recommend that all installations running a version affected by the issues described below are upgraded to the latest version as soon as possible. When no specific deployment type (omnibus, source code, helm chart, etc.) of a product is mentioned, this means all types are affected. Table of fixes Title Severity XSS and ReDoS in Markdown via Banzai pipeline of Jira High Members with admin_group_member custom permission can add members with higher role High Release Description visible in public projects despite release set as project members only through atom response Medium Manipulate the repository content in the UI (CVE-2023-3401 bypass) Medium External user can abuse policy bot to gain access to internal projects Medium Client-side DOS via Mermaid Flowchart Medium Developers can update pipeline schedules to use protected branches even if they don't have permission to merge Medium Users can install Composer packages from public projects even when Package registry is turned off Medium Unauthorized member can gain Allowed to push and merge access and affect integrity of protected branches Low Guest users can react (emojis) on confidential work items which they cant see in a project Low XSS and ReDoS in Markdown via Banzai pipeline of Jira Improper neutralization of input in Jira integration configuration in GitLab CE/EE, affecting all versions from 15.10 prior to 16.6.1, 16.5 prior to 16.5.3, and 16.4 prior to 16.4.3 allowed attacker to execute javascript in victim's browser. This is a high severity issue (CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N, 8.7). It is now mitigated in the latest release and is assigned CVE-2023-6033. Thanks yvvdwf for reporting this vulnerability through our HackerOne bug bounty program. Members with admin_group_member custom permission can add members with higher role An issue has been discovered in GitLab EE affecting all versions starting from 16.5 before 16.5.3, all versions starting from 16.6 before 16.6.1. When a user is assigned a custom role with admin_group_member` enabled, they may be able to add a member with a higher static role than themselves to the group which may lead to privilege escalation. This is a high severity issue (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N, 8.1). It is now mitigated in the latest release and is assigned CVE-2023-6396. This vulnerability was discovered internally by GitLab team member jarka. Release Description visible in public projects despite release set as project members only through atom response An issue has been discovered in GitLab affecting all versions starting from 11.3 before 16.4.3, all versions starting from 16.5 before 16.5.3, all versions starting from 16.6 before 16.6.1. It was possible for unauthorized users to view a public projects' release descriptions via an atom endpoint when release access on the public was set to only project members This is a medium severity issue (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N, 5.3). It is now mitigated in the latest release and is assigned CVE-2023-3949. Thanks ashish_r_padelkar for reporting this vulnerability through our HackerOne bug bounty program. Manipulate the repository content in the UI (CVE-2023-3401 bypass) An issue has been discovered in GitLab affecting all versions before 16.4.3, all versions starting from 16.5 before 16.5.3, all versions starting from 16.6 before 16.6.1. Under certain circumstances, a malicious actor bypass prohibited branch checks using a specially crafted branch name to manipulate repository content in the UI. This is a medium severity issue (CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:H/A:N, 4.8). It is now mitigated in the latest release and is assigned CVE-2023-5226. Thanks shells3c for reporting this vulnerability through our HackerOne bug bounty program. External user can abuse policy bot to gain access to internal projects An issue has been discovered in GitLab EE affecting all versions starting from 16.2 before 16.4.3, all versions starting from 16.5 before 16.5.3, all versions starting from 16.6 before 16.6.1. It was possible for an attacker to abuse the policy bot to gain access to internal projects. This is a medium severity issue (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N, 4.4). It is now mitigated in the latest release and is assigned CVE-2023-5995. Thanks joaxcar for reporting this vulnerability through our HackerOne bug bounty program. Client-side DOS via Mermaid Flowchart An issue has been discovered in GitLab EE affecting all versions starting from 10.5 before 16.4.3, all versions starting from 16.5 before 16.5.3, all versions starting from 16.6 before 16.6.1. It was possible for an attacker to cause a client-side denial of service using malicious crafted mermaid diagram input. This is a medium severity issue (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L, 4.3). It is now mitigated in the latest release and is assigned CVE-2023-4912. Thanks toukakirishima for reporting this vulnerability through our HackerOne bug bounty program. Developers can update pipeline schedules to use protected branches even if they don't have permission to merge An issue has been discovered in GitLab affecting all versions starting from 9.2 before 16.4.3, all versions starting from 16.5 before 16.5.3, all versions starting from 16.6 before 16.6.1. It was possible for a user with the Developer role to update a pipeline schedule from an unprotected branch to a protected branch. This is a medium severity issue (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N, 4.3). It is now mitigated in the latest release and is assigned CVE-2023-4317. Thanks js_noob for reporting this vulnerability through our HackerOne bug bounty program. Users can install Composer packages from public projects even when Package registry is turned off An issue has been discovered in GitLab affecting all versions starting from 13.2 before 16.4.3, all versions starting from 16.5 before 16.5.3, all versions starting from 16.6 before 16.6.1. It was possible for users to access composer packages on public projects that have package registry disabled in the project settings. This is a medium severity issue (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N, 4.3). It is now mitigated in the latest release and is assigned CVE-2023-3964. Thanks js_noob for reporting this vulnerability through our HackerOne bug bounty program. Unauthorized member can gain Allowed to push and merge access and affect integrity of protected branches An issue has been discovered in GitLab EE affecting all versions starting from 8.13 before 16.4.3, all versions starting from 16.5 before 16.5.3, all versions starting from 16.6 before 16.6.1. It was possible for an attacker to abuse the Allowed to merge permission as a guest user, when granted the permission through a group. This is a low severity issue (CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N, 3.1). It is now mitigated in the latest release and is assigned CVE-2023-4658. Thanks theluci for reporting this vulnerability through our HackerOne bug bounty program. Guest users can react (emojis) on confidential work items which they cant see in a project An issue has been discovered in GitLab affecting all versions starting from 12.1 before 16.4.3, all versions starting from 16.5 before 16.5.3, all versions starting from 16.6 before 16.6.1. It was possible for a Guest user to add an emoji on confidential work items. This is a low severity issue (CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N, 3.1). It is now mitigated in the latest release and is assigned CVE-2023-3443. Thanks ashish_r_padelkar for reporting this vulnerability through our HackerOne bug bounty program. Mattermost Security Update Mattermost has been updated to the latest patch release to mitigate several security issues. Update to PG 14.9 and 13.12 PostgreSQL has been updated to 14.9 and 13.12 to mitigate CVE-2023-39417. Update pcre2 to 10.42 pcre2 has been updated to version 10.42 to mitigate CVE-2022-41409. Non Security Patches 16.6.1 Install Gitaly dependencies for project archiving (16.6 backport) Fix intermittent 404 errors loading GitLab Pages Prefer custom sort order with search in users API Backport "Fix group page erroring because of nil user" to 16-6-stable-ee Skip encrypted settings logic for Redis when used by Mailroom Allow + char in abuse detection for global search Backport "Move unlock pipeline cron scheduler out of ee" to 16.6 Fix bug with pages_deployments files not being deleted on disk Backport - Truncate verification failure message to 255 Backport "Revert "Merge branch 'sc1-release-goredis' into 'master'"" 16.5.3 Backport 10871d71b171db38701bfefe15883b05c234ca6d to 16-5-stable Geo: Reduce batch size of verification state backfill 16.4.3 Backport 10871d71b171db38701bfefe15883b05c234ca6d to 16-4-stable Backport to 16.4 the fix for test failure due to "not-existing.com" being registered Bump asdf-bootstrapped-verify version on 16.4 Fix bulk batch export of badges and uploads [16.4] ci: Fix broken master by not reading GITLAB_ENV Fix assign security check permission checks For 16.4: Fix Geo verification state backfill job can exceed batch size Geo: Reduce batch size of verification state backfill Updating To update GitLab, see the Update page. To update Gitlab Runner, see the Updating the Runner page. Receive Security Release Notifications To receive security release blog notifications delivered to your inbox, visit our contact us page. To receive release notifications via RSS, subscribe to our security release RSS feed or our RSS feed for all releases.

AI生成摘要 GitLab has released security patches for various versions of GitLab Community Edition (CE) and Enterprise Edition (EE). These patches address vulnerabilities such as XSS and ReDoS attacks, privilege escalation, unauthorized access to project information, and denial of service attacks. It is recommended that all users upgrade to the latest security release to ensure their installations are protected.

相关推荐 去reddit讨论

The Keyword -

The latest Titan Security Key is in the Google Store

picture of two new titan security keys

AI生成摘要 谷歌在纽约的Aspen Cyber Summit上发布了最新版本的Titan安全密钥,现在可以在谷歌商店购买。从2024年开始,谷歌将与行业合作伙伴一起向全球高风险用户免费分发10万个新的安全密钥。这些密钥可以防止密码被盗,使用FIDO2凭据和密码学,提供更安全的登录方式。新的密钥还具有NFC功能,可以与移动设备轻松连接,并能存储超过250个唯一的凭据。

相关推荐 去reddit讨论

ByteByteGo Newsletter -

EP84: Top 12 Tips for API Security

This week’s system design refresher: *BIG* Announcement: We’ve launched an Instagram account Top 12 Tips for API Security Our Recommended Materials For Cracking Your Next Tech Interview (Youtube video) How To Release A Mobile App Git Vs Github *BIG* Announcement: We’ve launched an Instagram account

AI生成摘要 本文介绍了本周的系统设计复习内容,包括API安全、发布移动应用、Git和GitHub等方面的知识。此外,还宣布了推出Instagram账号,并提供了QA Wolf的测试服务和推荐材料,以及移动应用发布过程中的各个阶段和挑战。文章提供了有关Git和GitHub的基本知识,强调了它们在软件工程中的重要性。

相关推荐 去reddit讨论

Redis Blog -

Redis Cloud Gains Payment Card Industry Data Security Standard Certification

Redis Cloud Flexible and Annual plans across all AWS and Google Cloud regions achieve certification The post Redis Cloud Gains Payment Card Industry Data Security Standard Certification   appeared first on Redis.

AI生成摘要 Redis Cloud宣布其已获得PCI DSS Level 1认证,该认证适用于所有可能存储、处理和/或传输持卡人数据的实体,以及这些业务实体的服务提供商。Redis Cloud的灵活和年度计划已在所有AWS和Google Cloud区域获得认证。该认证证明Redis Cloud已满足最严格的安全标准,是一种Level 1服务提供商,意味着客户可以使用该产品每年处理超过600万笔交易。Redis Cloud是一种成本效益高、实时数据平台,可作为完全托管的数据库服务提供,可在AWS和Google Cloud上进行私有、混合和多云部署。

相关推荐 去reddit讨论

Redis Blog -

Elevating Data Security: Redis Cloud Achieves PCI DSS Certification

You may wonder – what exactly does this certification mean? Let us break down the importance of PCI DSS certification and how it helps you confidently deliver data-oriented applications. The post Elevating Data Security: Redis Cloud Achieves PCI DSS Certification appeared first on Redis.

AI生成摘要 Redis Cloud has earned the Payment Card Industry's Data Security Standard (PCI DSS) certification for its Flexible and Annual plans on Amazon Web Services (AWS) and Google Cloud. This certification ensures that customer's cardholder data is protected via technical, operational, and physical security safeguards. Redis Cloud has also expanded its security materials available to customers in its Customer Trust Center. Customers can obtain the PCI Responsibility Matrix and Attestation of Compliance to ensure the visibility and confidence they need into Redis' security practices. Redis University also offers a free course about security topics.

相关推荐 去reddit讨论

Databricks -

Secure your workspaces with new platform security controls for Databricks on Google Cloud

We are excited to announce the general availability (GA) of several key security features for Databricks on Google Cloud: Private connectivity with Private...

AI生成摘要 Databricks on Google Cloud has announced the general availability of Private Service Connect, customer-managed keys, and IP access lists. These security features aim to protect data at rest, keep data private, and mitigate data exfiltration risks on the Databricks Lakehouse Platform. Private Service Connect allows for end-to-end private workspaces, customer-managed keys protect data at rest, and IP access lists secure the network perimeter. These features are available on the Premium Tier of Google Cloud and can be configured using step-by-step instructions provided in the documentation.

相关推荐 去reddit讨论

GitLab -

GitLab Security Release: 16.5.1, 16.4.2, 16.3.6

Today we are releasing versions 16.5.1, 16.4.2, 16.3.6 for GitLab Community Edition (CE) and Enterprise Edition (EE). These versions contain important security fixes, and we strongly recommend that all GitLab installations be upgraded to one of these versions immediately. GitLab.com is already running the patched version. GitLab releases patches for vulnerabilities in dedicated security releases. There are two types of security releases: a monthly, scheduled security release, released a week after the feature release (which deploys on the 3rd Thursday of each month), and ad-hoc security releases for critical vulnerabilities. For more information, you can visit our security FAQ. You can see all of our regular and security release blog posts here. In addition, the issues detailing each vulnerability are made public on our issue tracker 30 days after the release in which they were patched. We are dedicated to ensuring all aspects of GitLab that are exposed to customers or that host customer data are held to the highest security standards. As part of maintaining good security hygiene, it is highly recommended that all customers upgrade to the latest security release for their supported version. You can read more best practices in securing your GitLab instance in our blog post. On 2023-10-20 11:03 UTC, GitLab internally discovered (CVE-2023-5831) that a change in the GitLab sidebar feature resulted in self-managed GitLab instances sending version-checks to version.gitlab.com each time they opened a page on their GitLab instance. This means that the hostnames and current versions of self-managed GitLab instances were being sent to version.gitlab.com any time a user of that GitLab instance opened any page, regardless of whether or not the sending of version-check was enabled. This information was only accessible to some GitLab team members and was not exposed externally, and GitLab is working to purge the erroneously collected data from our database. Recommended Action We strongly recommend that all installations running a version affected by the issues described below are upgraded to the latest version as soon as possible. When no specific deployment type (omnibus, source code, helm chart, etc.) of a product is mentioned, this means all types are affected. Table of fixes Title Severity Disclosure of CI/CD variables using Custom project templates High GitLab omnibus DoS crash via OOM with CI Catalogs Medium Parsing gitlab-ci.yml with large string via timeout input leads to Denial of Service Medium DoS - Blocking FIFO files in Tar archives Medium Titles exposed by service-desk template Medium Approval on protected environments can be bypassed Low Version information disclosure when super_sidebar_logged_out feature flag is enabled Low Add abuse detection for search syntax filter pipes Low Disclosure of CI/CD variables using Custom project templates An issue has been discovered in GitLab affecting all versions starting from 11.6 before 12.9.8, all versions starting from 12.10 before 12.10.7, all versions starting from 13.0 before 13.0.1. It was possible for an unauthorised project or group member to read the CI/CD variables using the custom project templates. This is a medium severity issue (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N, 8.5). It is now mitigated in the latest release and is assigned CVE-2023-3399. Thanks theluci for reporting this vulnerability through our HackerOne bug bounty program. GitLab omnibus DoS crash via OOM with CI Catalogs An issue has been discovered in GitLab CE/EE affecting all versions starting from 16.2 before 16.3.6, all versions starting from 16.4 before 16.4.2, all versions starting from 16.5 before 16.5.1. A low-privileged attacker can point a CI/CD Component to an incorrect path and cause the server to exhaust all available memory through an infinite loop and cause Denial of Service. This is a medium severity issue (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H, 6.5). It is now mitigated in the latest release and is assigned CVE-2023-5825. Thanks blakbat for reporting this vulnerability through our HackerOne bug bounty program" Parsing gitlab-ci.yml with large string via timeout input leads to Denial of Service An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.3 before 16.3.6, all versions starting from 16.4 before 16.4.2, all versions starting from 16.5 before 16.5.1. A Regular Expression Denial of Service was possible by adding a large string in timeout input in gitlab-ci.yml file." This is a medium severity issue (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L, 4.3). It is now mitigated in the latest release and is assigned CVE-2023-3909. Thanks akadrian for reporting this vulnerability through our HackerOne bug bounty program. DoS - Blocking FIFO files in Tar archives An issue has been discovered in GitLab EE/CE affecting all versions starting before 16.3.6, all versions starting from 16.4 before 16.4.2, all versions starting from 16.5 before 16.5.1 which allows an attackers to block Sidekiq job processor. This is a medium severity issue (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L, 4.3). It is now mitigated in the latest release and is assigned CVE-2023-3246. Thanks zhutyra for reporting this vulnerability through our HackerOne bug bounty program. Titles exposed by service-desk template An issue has been discovered in GitLab EE affecting all versions starting from 16.0 before 16.3.6, all versions starting from 16.4 before 16.4.2, all versions starting from 16.5 before 16.5.1. Arbitrary access to the titles of an private specific references could be leaked through the service-desk custom email template. This is a low severity issue (CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N, 3.1). It is now mitigated in the latest release and is assigned CVE-2023-5600. Thanks yvvdwf for reporting this vulnerability through our HackerOne bug bounty program. Approval on protected environments can be bypassed An authorization issue affecting GitLab EE affecting all versions from 14.7 prior to 16.3.6, 16.4 prior to 16.4.2, and 16.5 prior to 16.5.1, allowed a user to run jobs in protected environments, bypassing any required approvals. This is a low severity issue (CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:N/A:N, 3.5). It is now mitigated in the latest release and is assigned CVE-2023-4700. Thanks Gregor Pirolt for reporting this vulnerability through our HackerOne bug bounty program. Version information disclosure when super_sidebar_logged_out feature flag is enabled An issue has been discovered in GitLab CE/EE affecting all versions starting from 16.0 before 16.3.6, all versions starting from 16.4 before 16.4.2, and all versions starting from 16.5.0 before 16.5.1 which have the super_sidebar_logged_out feature flag enabled. Affected versions with this default-disabled feature flag enabled may unintentionally disclose GitLab version metadata to unauthorized actors. This is a low severity issue (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N, 3.7). It is now mitigated in the latest release and is assigned CVE-2023-5831. This vulnerability was discovered internally by the GitLab team. Add abuse detection for search syntax filter pipes An issue has been discovered in GitLab EE with Advanced Search affecting all versions from 13.9 to 16.3.6, 16.4 prior to 16.4.2 and 16.5 prior to 16.5.1 that could allow a denial of service in the Advanced Search function by chaining too many syntax operators. This is a low severity issue (CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L, 3.1). It is now mitigated in the latest release. We have requested a CVE ID and will update this blog post when it is assigned. This vulnerability was found internally by GitLab. Update curl to v8.4.0 curl has been updated to v8.4.0 to mitigate CVE-2023-38545. Update mermaid to 10.5.0 mermaid has been updated to 10.5.0 to mitigate a security issue. Patch NGINX for CVE-2023-44487 NGINX has been patched to mitigate CVE-2023-44487. Non Security Patches 16.5.1 Revert better-error-messages-for-pull-mirroring Update post migration to drop column only if it exists Downgrade vue-apollo to prevent auto-restarting subscriptions on error 16.4.2 UBI: Explicitly add webrick gem to mailroom build Update VERSION files Update dependency prometheus-client-mmap to '>= 0.28.1' Backport: fix migration when commit_message_negative_regex is missing Backport to 16.4: Geo: Avoid getting resources stuck in Queued Fix pipeline schedules view when owner is nil Quarantine flaky delete_job_spec:46 Create Geo event when project is created Fix bug with batched gitaly ref deletion duplicates 16.3.6 UBI: Explicitly add webrick gem to mailroom build Backport 16.3: Upgrade exiftool to 12.65 Fixes the 16-3-stable branch Backport to 16.3: Geo: Avoid getting resources stuck in Queued Updating To update GitLab, see the Update page. To update Gitlab Runner, see the Updating the Runner page. Receive Security Release Notifications To receive security release blog notifications delivered to your inbox, visit our contact us page. To receive release notifications via RSS, subscribe to our security release RSS feed or our RSS feed for all releases.

AI生成摘要 GitLab发布了16.5.1、16.4.2和16.3.6版本的安全更新,修复了多个漏洞,包括CI/CD变量泄露、GitLab Omnibus DoS崩溃、GitLab CI/CD YAML文件中的DoS攻击、阻塞FIFO文件的DoS攻击、服务台模板中的标题泄露、受保护环境中的授权问题和版本信息泄露等。建议所有用户立即升级到最新版本。此外,GitLab还更新了curl和mermaid,修复了NGINX的安全问题。

相关推荐 去reddit讨论

解道jdon.com -

讨厌Spring Security复杂性?

使用Spring Security很复杂吗?这是一个有关简化Spring 的简单用户管理框架/入门的开源工具:提供基于 Spring Security 的注册、登录、注销等功能。 这个小框架允许您使用properties.yml配置Spring Security,并为您提供一些简单的入门注册、登录、Google和Facebook注册/登录等... SpringUserFramework 是一个 Java Spring Boot 用户管理框架,旨在简化基于 Spring

AI生成摘要 SpringUserFramework是一个基于Spring的用户管理框架,提供注册、登录、注销和忘记密码流程等功能,支持本地数据库和SSO集成,采用REST API设计框架,支持国际化和安全审计跟踪,提供角色和权限设置服务。该框架旨在简化基于Spring的Web应用程序中用户管理功能的实现。

相关推荐 去reddit讨论

The Cloudflare Blog -

Email Routing subdomain support, new APIs and security protocols

It's been two years since we announced Email Routing, our solution to create custom email addresses for your domains and route incoming emails to your preferred mailbox. Since then, the team has worked hard to evolve the product and add more powerful features to meet our users' expectations.

AI生成摘要 Cloudflare has announced three new features for its Email Routing service, which allows users to create custom email addresses for their domains and route incoming emails to their preferred mailbox. The new features include support for two new email security protocols, Authenticated Received Chain (ARC) and MTA Strict Transport Security (MTA-STS), as well as the ability to send emails and replies from Workers. Additionally, Cloudflare has added support for subdomains, allowing users to use Email Routing with any subdomain of any zone in their account. The new features are free for Cloudflare customers and are designed to make email more secure, flexible, and powerful.

相关推荐 去reddit讨论

热榜 Top10
...
天勤数据
...
白鲸技术栈
...
eolink
...
观测云
...
LigaAI
...
Dify.AI
...
ShowMeBug
推荐或自荐