Upcomming changes in Galaxy

Hi,

like probably many of you, I got this mail from Galaxy:

Starting on 25/September/2021, Galaxy will implement the following changes to its infrastructure.

• Disable HTTP 1.0 protocol support
• Galaxy Sticky cookie will have a secure flag for force-ssl enabled domains
• HSTS will be sent for every force-ssl enabled domains
• Removal of some supported ciphers.

The thing is: I don’t have a clue as to any of those bullits
I assume I;m fine, hosting a simple application on Galaxy, but how can I check?
I’m, for instance, not sure what version of the HTTP protocol I use? I don’t know if I use a “Galaxy Sticky cookie”, nor am I sure if HSTS will hurt me if I do not pay attention

Basically: what do these changes mean for normal operation - can anyone explain?

And: Galaxy, please provide a bit more info! I’m not in de hosting business - that’s why I pay you

Paul

You’re probably good.
One way you can check it to try deploying the same project to the latest and clicking around a bit.

• HTTP1: compare to HTTP/2 - Wikipedia
• Sticky Cookie: GDPR and the "galaxy-sticky" cookie
• Force-ssl domains: are yours forced?
  You can check that in your Galaxy in the settings section
  
  

  Group 2 (5)1528×259 24.7 KB
  
  This is a good idea for all of your apps.
• Ciphers: I think it warns about old ciphers. I might be wrong, but you’d have to be ignoring command-line prompts for years to still be using.

Hi, you can open a ticket at support@meteor.com so we can check your domains and if they are receiving requests that would be affected by these changes.