Update README

telwell · web-flow · commit f7c0dd87d732 · 2021-03-19T12:59:53.000-04:00
Additional note to upgrade from `ws://` -&gt; `wss://` if using a certificate.
diff --git a/README.md b/README.md
@@ -145,7 +145,7 @@ These topics are outside of the scope of this README, but eventually will be cov
 
 ## Further Notes on Production Deployments
 
-* You will likely want to run an Nginx server with a valid HTTPS certificate doing a `proxy_pass` to the WebSocket server (running on `127.0.0.1:4343`). Then you'll have TLS-encrypted websocket traffic.
+* You will likely want to run an Nginx server with a valid HTTPS certificate doing a `proxy_pass` to the WebSocket server (running on `127.0.0.1:4343`). Then you'll have TLS-encrypted websocket traffic. If you go this route, you'll want to update your Websocket address from `ws://` -> `wss://`.
 * For a more secure setup, don't expose the HTTP proxy & and admin panel to the Internet directly. Opt for SSL port-forwarding or using a bastion server to connect to it.
 * For situations with a large number of victims/bots/implants running, you can horizontally scale out the CursedChrome server as wide as you need to. The socket handling is completely decoupled via `redis`, so it can suppose (theoretically) tens of thousands of concurrent clients. 
 
