So I've been going through various bits of my infrastructure testing security configs, so on a whim I decided to test my Readynas NV running 4.1.14 using testssl.sh.
Naturally, it identified some issues. I'm hoping that Netgear will consider incorporating the following since they are just config changes for 4.1.15
I went through and tested the following and now it's relatively more secure from an apache config standpoint. We could start getting crazy and adding stuff like XFO etc. but the following below should be a good start and disables bad ciphers and protocols.
So PLEASE PLEASE PLEASE consider adding this for the next release. And thanks for supporting such an old device all these years.
I suggest you to kindly post your concern as feature request on the Idea Exchange for Storage here. Be reminded that adding kudos to the ideas posted will help. The post that has more kudos will be subject for review by the ReadyNAS development team and might be considered to be added in the future functionality of the product.
