Free Post cipher suite Getting an A+ rating on the Qualys SSL Test The SSL Test provided by Qualys does an incredibly thorough evaluation of the SSL configuration on your server. It's a great way to get a feel for whether...
Free Post certificate revocation Enabling Certificate Revocation Checks in Google Chrome Following on from the announcement of Heartbleed, it's fair to assume that there will be a huge amount of certificate revocations both in progress and in the days and weeks to come. With an increased number of revocations, there's the...
Free Post certificate OCSP Stapling; SSL with added speed and privacy Using SSL on your site comes with certain overheads and one of those overheads is checking the revocation status of your SSL certificate. Whilst this particular overhead resides on the client side, rather than the server side, it still affects the performance of your...
Free Post HSTS Setting up HSTS in nginx The HTTP Strict Transport Security (HSTS) header allows a host to enforce the use of HTTPS on the client side. By informing the browser to only use HTTPS, even if the user specifies HTTP as the protocol, the browser will enforce the use of...
Free Post encryption Public WiFi Hotspots; The Wild Wild West Public WiFi hotspots can usually be found in abundance wherever we go. So much so that many of us are now frustrated when there is no WiFi for us to use. If you're at a coffee shop, hotel, bar, restaurant or even...
Free Post CloudFlare My TLS conundrum and why I decided to leave CloudFlare CloudFlare is an incredibly advanced content delivery network (CDN) that offers boosts to the security and performance of your site. They act as a reverse proxy and shield your web server from exposure to the wider Internet. You get huge bandwidth savings and a...
Free Post DNS Hijacking How HSTS could have largely mitigated the Polish DNS hijacking attack Last week, there was a large-scale cyber attack on Polish internet users that specifically targeted online banking activities. By modifying the DNS settings on victims' routers, the attackers were able to redirect users to malicious servers and intercept online banking traffic to...
Free Post BrightBox EE BrightBox router patched - still vulnerable EE have released a patch for their BrightBox routers which addresses some of the issues that I disclosed. Whilst the device now takes more care of user credentials and doesn't...
Free Post BrightBox EE BrightBox router hacked - bares all if you ask nicely Shortly after having my new fibre broadband installed, I discovered a method to permanently compromise the security of the BrightBox router provided by EE. After a brief period of traffic...
Free Post cookies Web Security - The hidden dangers of hunting for a new house When looking for a new house to buy in the UK, the chances are at some point you will end up on the website of RightMove or Zoopla. With RightMove claiming they are "the UK's number one property website" and...