> at which point you cannot postpone the kernel update anymore because you need the new device drivers, etc. etc
Irrelevant as I didn't upgrade the hardware
>You also don't want to stop updating your HTTP server, CVEs get discovered quite frequently
it's a server for serving a single static page from 1998, nothing bad will happen if that machine is compromised, well, nothing worse that what could be done for not having HTTPs
> it's a server for serving a single static page from 1998, nothing bad will happen if that machine is compromised, well, nothing worse that what could be done for not having HTTPs
Here's one: the server has a remote code execution vulnerability, which is exploited to gain root permissions, and your server is serving child porn. The cops are knocking on your door.
Granted, this isn't a pro-HTTPS argument, but you do need to keep your stuff updated, even if it is only a static site.
Irrelevant. Low traffic static website.
> at which point you cannot postpone the kernel update anymore because you need the new device drivers, etc. etc
Irrelevant as I didn't upgrade the hardware
>You also don't want to stop updating your HTTP server, CVEs get discovered quite frequently
it's a server for serving a single static page from 1998, nothing bad will happen if that machine is compromised, well, nothing worse that what could be done for not having HTTPs