
My gut instinct is that best practice would be to ensure that all internal servers communicate over HTTPS and that all servers are authenticated to each other.

That would indeed be the dream-case scenario.

However, I'm trying to consider if it is ever acceptable for an internal server to communicate, via HTTP, to another internal server without needing to authenticate to that server.

The risk is surely that someone malicious in the network could wreak havoc, not only by being able to read all traffic between those servers but by replacing the receiving server with one that is under their control.

Any comment on this would be greatly appreciated.

ellefc
If someone is able to replace one of your servers with another one, you have problems that HTTPS would be unable to solve... – ThoriumBR Nov 07 '18 at 13:44

1 Answer


It is easy enough to encrypt traffic and set up/maintain valid internal certificates that I think the pros are well worth the effort. Encrypt your internal traffic.

DarkMatter
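As an added example (not from the question or the answer), the following Go program sets up the mutually authenticated internal HTTPS the question describes: the server presents its own certificate, requires one back from the caller, and a client that shows up without a certificate is refused at the handshake. The certificates are constructed in-process for the demo; in a real deployment they would be issued by the internal CA the answer recommends. The names api.internal and worker.internal are assumed.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/tls"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"net"
	"net/http"
	"net/http/httptest"
	"time"
)

// selfSigned: constructed throwaway self-signed cert for name (SAN 127.0.0.1) plus a pool trusting only it.
func selfSigned(name string) (tls.Certificate, *x509.CertPool) {
	key, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(1), Subject: pkix.Name{CommonName: name}, NotAfter: time.Now().Add(time.Hour),
		ExtKeyUsage:  []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth, x509.ExtKeyUsageClientAuth},
		IPAddresses:  []net.IP{net.ParseIP("127.0.0.1")},
	}
	der, _ := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
	leaf, _ := x509.ParseCertificate(der)
	pool := x509.NewCertPool()
	pool.AddCert(leaf)
	return tls.Certificate{Certificate: [][]byte{der}, PrivateKey: key, Leaf: leaf}, pool
}

// mutualTLSProbe runs an internal HTTPS server that demands a client certificate and reports
// whether a client presenting the expected certificate (authOK) and an anonymous one (anonOK) get in.
func mutualTLSProbe() (authOK, anonOK bool) {
	srvCert, srvPool := selfSigned("api.internal")    // server identity; clients trust only srvPool
	cliCert, cliPool := selfSigned("worker.internal") // client identity; server trusts only cliPool
	srv := httptest.NewUnstartedServer(http.HandlerFunc(func(http.ResponseWriter, *http.Request) {}))
	srv.TLS = &tls.Config{Certificates: []tls.Certificate{srvCert}, ClientAuth: tls.RequireAndVerifyClientCert, ClientCAs: cliPool}
	srv.StartTLS()
	defer srv.Close()
	get := func(cfg *tls.Config) bool { // true only if the TLS handshake and the request both succeed
		resp, err := (&http.Client{Transport: &http.Transport{TLSClientConfig: cfg}}).Get(srv.URL)
		return err == nil && resp.Body.Close() == nil
	}
	// A client with no certificate is refused at the handshake; one trusting a different CA pool would fail too.
	return get(&tls.Config{RootCAs: srvPool, Certificates: []tls.Certificate{cliCert}}), get(&tls.Config{RootCAs: srvPool})
}

func main() { fmt.Println(mutualTLSProbe()) } // prints: true false
```

Swap the client's RootCAs for a pool that does not contain the server's certificate and the first call fails as well, which is the impersonation case the question worries about.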