Free Post CSP Micro-optimisation for fun! I stumbled across what I assume is a performance optimisation being used by Twitter and wondered how much I could optimise my site using a similar principle. The changes would...
Free Post securityheaders.io Scoring transparency for securityheaders.io The new version of my HTTP header analysing service, https://securityheaders.io, was launched a little over a month ago and is doing really well! To ease myself into the...
Free Post CSP Fixing mixed content with CSP As more and more sites are migrating to HTTPS, one of the biggest problems that will need solving is tracking down all of your HTTP resources to avoid mixed content...
Free Post Let's Encrypt Getting started with Let's Encrypt! Let's Encrypt [https://letsencrypt.org/], the brand new and free Certificate Authority (CA), is now in public beta and I've just switched over to start using...
Free Post securityheaders.io Launching the new version of securityheaders.io Last week I launched the new version of securityheaders.io [https://securityheaders.io] at PasswordsCon in Cambridge. Here's a quick round up of what's new! Scoring!...
Free Post HTTP/2 Monitoring HTTP/2 usage in the wild Having recently enabled HTTP/2 support [https://scotthelme.co.uk/tag/http-2/] on my blog, I was curious to see just how many of my visitors would be using the...
Free Post HTTP/2 Supporting HTTP/2 with NginX My blog now features HTTP/2 support thanks to the latest version of NginX. I'm going to walk through how to build the latest version of NginX and enable HTTP/2 support on your own server. Install the latest version At the...
Free Post report-uri.io Further improvements to report-uri.io I've just pushed another update to https://report-uri.io that brings quite a few new features and improvements. This update brings about the second significant set of changes...
Free Post HSTS Migrating from HTTP to HTTPS? Ease the pain with CSP and HSTS! The Chrome Security Team have just announced that they're removing the yellow warning triangle from pages with mixed content. From now on, these pages will show with the...
Free Post HTTP/2 HTTP/2 is here! After more than 15 years of living with HTTP/1.1 we can finally start to enjoy the benefits of HTTP/2! As an early adopter I've taken a look at some of the key improvements in HTTP/2 and how we...
