Free Post nginx Customising Server header over HTTP/2 in NginX I recently noticed that my website was returning the value 'nginx' in my Server header which was odd because I build NginX form source and specifically change the...
Free Post Let's Encrypt Let's Encrypt with DNS Round-Robin I was having a period of really high load on securityheaders.io [https://securityheaders.io] earlier and whilst I looked into it and sorted out the root cause I wanted...
Free Post steelcon SteelCon 2017 After another superb SteelCon filled with awesome talks and awesome people, I thought I'd give a quick update on the event and on the Charity Sticker Stand I...
Free Post Revocation is broken We have a little problem on the web right now and I can only see this becoming a larger concern as time goes by. More and more sites are obtaining certificates, vitally important documents that we need to deploy HTTPS, but we have no...
Free Post Let's Encrypt How to revoke a Let's Encrypt certificate I've written quite a few blogs on how to get started with Let's Encrypt and covered both RSA and ECDSA certificates. In this blog I'...
Free Post license Why my blog is Creative Commons licensed I've had a fairly interesting conversation a couple of times about why I chose to license my blog under a Creative Commons license and particularly why I allowed...
Free Post Incapsula Analysing massive traffic volumes on report-uri.io After the two year birthday of report-uri.io I wanted to take a look at where the service is and just how much work it's doing on a...
Free Post charger How I almost burnt my hotel down with a 'genuine' MacBook Pro charger I've had my trusty MacBook Pro (mid-2009) for many years now and the original charger was starting to show its age. I wanted to replace it and bought...
Free Post OCSP Stapling Designing a new Security Header: Expect-Staple I've talked about OCSP Stapling in the past and more recently about the new Must-Staple flag you can set in your certificates, but there's a bit...
Free Post nomx nomx: The world's most secure communications protocol I was recently invited to take part in some research by BBC Click [http://www.bbc.co.uk/programmes/n13xtmd5], alongside Professor Alan Woodward [https://twitter.com/ProfWoodward], to analyse...