Got SLL?
[ There is a presentation embedded in this post, view the original post to see it. ] This talk is a call to arms to all of you as web developers. In the next 30 minutes, I hope to convince you of the...
View Articlegoto elephant;
@Inferis, on Apple’s SSL verification bug: I still think it’s funny people complain about the “missing” {} when the `goto` statements are the elephant in the room. — Tom Adriaenssen (@Inferis) February...
View ArticleWhy Google is Hurrying the Web to Kill SHA-1
Something like 90% of websites that use SSL encryption use an algorithm called SHA-1 to protect themselves from being impersonated. This guarantees that when you go to green lock for facebook.com,...
View ArticleSSL Config Generator
Just choose the web server / web front you’re using (Apache, Nginx, HAProxy) + whether you want to support only modern, intermediate, or old versions of browsers and a proper configuration will be...
View ArticleLong overdue: HTTPS for the App Store
Early July 2012, I reported to Apple numerous vulnerabilities related to their App Store iOS app. Early March Apple finally issued a fix for it and turned on HTTPS for the App Store. I am really happy...
View ArticleMigrating your WordPress website from HTTP to HTTPS
In light of #https2015 I flipped the switch on bram.us earlier today: from today forth bram.us is only accessible over HTTPS. If you run a news site, or any site at all, we’d like to issue a friendly...
View ArticleDiff two certificate files with certdiff
If you’ve ever had to handle certificates, it can sometimes – especially when renewing them – become confusing to know which certificate is which. Enter certdiff, a handy diff tool for certificates, by...
View ArticleUpGuard Web Scan
The UpGuard external cyber audit uses publicly available information to grade your cyber risk posture. External scans are convenient and non-invasive but require an internal scan to assess the...
View ArticleValidating SSL certificates with PHP
Great stuff again by Freek Murze from Spatie: A PHP class to easily check the validity of an SSL Certificate. Easily? Yes, easily: $certificate = SslCertificate::createForHostName('spatie.be');...
View ArticleLaravel Uptime Monitor
Today Freek from spatie released a new package: Laravel-uptime-monitor is a powerful, easy to configure uptime monitor. It will notify you when your site is down (and when it comes back up). You can...
View ArticleOn “Secure Contexts” in Firefox, HTTPS for local development, and a potential...
This post also got published on Medium. If you like it, please give it some love a clap over there. Earlier today, in a post entitled Secure Contexts Everywhere, it was announced on the Mozilla...
View ArticleGet HTTPS working on localhost, with green padlock
In On “Secure Contexts” in Firefox, HTTPS for local development, and a potential nice gesture by Chrome I said: One of the things that’s still not really frictionless for your local development...
View ArticleGetting correctly signed SSL Certificates for cPanel/WHM Services
Back in the day I set up a few VPSes with WHM/cPanel on to host some sites. As back then the certificates for the cPanel services (FTPD, SMTP, WHM, …) were self-signed and Let’s Encrypt was still in...
View Article
More Pages to Explore .....