Tags: https

A Quick Reminder on HTTPS Everywhere

HTTPS Everywhere! So the plugin says, and now browsers are warning users that sites not implementing https:// are security risks. Using HTTPS everywhere is good advice. And this really means "everywhere": the home page, everything. Not just the login page, or the page where you accept donations....
Read 0 Comments

DNS Resolvers Performance Compared: CloudFlare x Google x Quad9 x OpenDNS

A couple of months ago I did a performance comparison between some of the top free DNS Resolvers available. It was just after Quad9 had launched and I was trying to decide which one to use and recommend to families and friends. Google, OpenDNS, Quad9, .. some many options… I love options … And...
Read 0 Comments

It's HTTPS or Bust: How to Secure Your Website

Come July 2018, with the release of Chrome 68, any site not protected with Secure-Socket Layer/Transport Layer Security (SSL/TLS) will be marked with the red-triangle of an insecure site. Unless you secure your site, you can kiss your web traffic goodbye. To secure your website, you must install an...
Read 0 Comments

Let's Encrypt Hits 50 Million Active Certificates and Counting

In yet another milestone on the path to encrypting the web, Let’s Encrypt has now issued over 50 million active certificates. Depending on your definition of “website,” this suggests that Let’s Encrypt is protecting between about 23 million and 66 million websites with HTTPS (more on that below)....
Read 0 Comments

Tipping the Scales on HTTPS: 2017 in Review

The movement to encrypt the web reached milestone after milestone in 2017. The web is in the middle of a massive change from non-secure HTTP to the more secure, encrypted HTTPS protocol. All web servers use one of these two protocols to get web pages from the server to your browser. HTTP has...
Read 0 Comments

ACME​ ​Support​ ​in​ ​Apache​ ​HTTP​ ​Server​ ​Project

We’re excited that support for getting and managing TLS certificates via the ACME protocol is coming to the Apache HTTP Server Project (httpd). ACME is the protocol used by Let’s Encrypt, and hopefully other Certificate Authorities in the future. We anticipate this feature will significantly aid...
Read 0 Comments

HTTPS Certificate Revocation Is Broken, and It’s Time for Some New Tools

We have a little problem on the web right now and I can only see it becoming a larger concern as time goes by: more and more sites are obtaining certificates, vitally important documents needed to deploy HTTPS, but we have no way of protecting ourselves when things go wrong. Certificates We're...
Read 0 Comments

Steps To Secure Your Website With An SSL Certificate

Is customer data safe on your website? When consumers provide credit card information or personal details, is the link between your site and their device secure — or open to prying eyes? Providing security is a necessity if your business sells products or services online. Your potential customers...
Read 0 Comments

Open Source Server Simplifies HTTPS, Security Certificates

Forget expired TLS certificates; the lightweight Caddy web server handles Let's Encrypt certificates and redirects HTTP traffic by default. For administrators seeking an easier method to turn on HTTPS for their websites, there is Caddy, an open source web server that automatically sets up security...
Read 0 Comments

badges_b.jpg

Best practices
Learn more about the Core Infrastructure Initiative (CII) Best Practices Badges Program. [Image credit: torbakhopper]

How to Get an Open Source Security Badge from CII

Co-authored by Dr. David A. Wheeler Everybody loves getting badges.  Fitbit badges, Stack Overflow badges, Boy Scout merit badges, and even LEED certification are just a few examples that come to mind.  A recent 538 article "Even psychologists love badges" publicized the value of a badge....
Read 0 Comments
Click Here!