alt Hacker NewsWait, so bots watch for new records added to this HTTPS cert public ledger, then immediately start attacking?
To me that sounds like enabling HTTPS is actually a risk here…
Replies
moontear • last Monday at 10:20 AM
Yes. Yes, of course they do. Check for example https://crt.sh with your domain name to see the glorious public history of everything the certificates tell about your domain.
The server was already exposed. All this does is remove obscurity