Free Post HSTS Want to Encrypt All The Things? Firefox has you covered with HTTPS-Only Mode! We are currently powering towards an encrypted Web and in recent years we've made tremendous progress on that journey. In the latest version of Firefox, a browser that&...
Free Post CSP Using security features to do bad things We have quite a few security features at our disposal to help us better protect our websites and our visitors. I talk about them a lot on my blog and...
Free Post HSTS Death by copy/paste I was writing up an article about using security features for bad things and I stumbled across something interesting. I found what turned out to be sites having used copy/...
Free Post CDN Should CDNs tighten up their security? I was doing some work on securityheaders.io [https://securityheaders.io] the other day and I noticed something about the CDN that I use for some of my assets. They...
Free Post HSTS Testing the HSTS preload process My registrar had an offer on domains so I figured I'd grab one and test out the HSTS preload process as it currently stands. I want to track...
Follow