Internal connections are not encrypted by default #72
Description
Using Port 80 (HTTP) for internal connections means data is transmitted in clear text, without encryption.
Sensitive customer information (like credentials, PII, or financial data) can be intercepted by anyone who gains access to the internal network or performs a Man-in-the-Middle (MITM) attack.
This could lead to data breaches, regulatory non-compliance (e.g., GDPR, PCI DSS), and reputational damage, which are considered high-impact consequences.