Free Post CSP Just how much traffic can you generate using CSP? The ability to send reports about violations of your CSP is a fantastic feature and allows you to monitor all kinds of issues on your site in real time. There...
Free Post CSP Using security features to do bad things We have quite a few security features at our disposal to help us better protect our websites and our visitors. I talk about them a lot on my blog and...
Free Post HSTS Death by copy/paste I was writing up an article about using security features for bad things and I stumbled across something interesting. I found what turned out to be sites having used copy/...
Free Post 2FA Keep cyber criminals at bay, use 2FA! One of the easiest ways to better protect your online accounts is using something called 2FA, or 2 Factor Authentication. Don't worry, it's not difficult to...
Free Post CDN Should CDNs tighten up their security? I was doing some work on securityheaders.io [https://securityheaders.io] the other day and I noticed something about the CDN that I use for some of my assets. They...
Free Post securityheaders.io Alexa Top 1 Million Crawl - August 2016 It's been 6 months since my last crawl of the Alexa Top 1 Million so it's time to dust off my servers and fire them up...
Free Post securityheaders.io Short URLs for securityheaders.io I had a spare hour over the weekend and I wanted to do something fun, so I created a short URL service for securityheaders.io! This is how I did...
Free Post research One password reset to rule them all! A company called Ecotricity recently launched a new app in the UK. They are a utility provider for your gas and electric but also run a nationwide network of charge...
Free Post HSTS Testing the HSTS preload process My registrar had an offer on domains so I figured I'd grab one and test out the HSTS preload process as it currently stands. I want to track...
Free Post RSA Hybrid RSA and ECDSA certificates with NginX NginX version 1.11.0 just became available and that means we can now serve both RSA and ECDSA certificates for maximum performance without having to drop support for older...
