• @foggy@lemmy.world
    link
    fedilink
    1
    edit-2
    5 months ago

    Lol you can totally do it in a home server application. It’s even okay if I’m a e-commerce store to use wildcard for example.com and shop.example.com. not a best practice, but not idiotic.

    Not idiotic unless you also have a hq.example.com that forwards a port into your internal network…

    …where ftp://hq.example.com takes you to an insecure password shield, and behind it is the SSL certificate, just chillin for anyone to snag and use as a key to deobfuscate all that SSL traffic, going across your network, your shop, your whole domain.