There, I said it! It might sound like a weird thing to say but stick with me on this one. We really do need more phishing sites on HTTPS, all of them, encrypt all the things, and not for the reason you might think. The web is going HTTPS There's…
Tag: Let's Encrypt
I was having a period of really high load on securityheaders.io earlier and whilst I looked into it and sorted out the root cause I wanted to throw some more cloud behind the site to bolster it. That introduced an interesting problem that I wanted to solve quickly. DNS…
I've written quite a few blogs on how to get started with Let's Encrypt and covered both RSA and ECDSA certificates. In this blog I'm going to look at how we revoke them. Let's Encrypt If you haven't come across Let's Encrypt yet, they're a CA that you can use…
I don't think anyone can disagree with the tremendous amount of progress that has been made in deploying web encryption over the last year or so and Let's Encrypt have played a monumental part in that. Recently though I've seen some negative comments about the CA and some concerns over…
The www subdomain is so overrated I decided it was time for a change. What else could be better than 3 padlocks for my new subdomain?! Yes, it really works! You can try out the new subdomain and link to it just like you would any other. Here is the…
NginX version 1.11.0 just became available and that means we can now serve both RSA and ECDSA certificates for maximum performance without having to drop support for older clients. Nginx 1.11.0 As I noted a couple of days ago, the 1.11.0 release of NginX…
Very often people tell me "we don't need HTTPS" and most of the time the justification is based on 1 of 2 arguments. It's either "we don't have a login screen" or "we don't serve any sensitive data". Supporting HTTPS on your site has…
I did a scan of the Alexa Top 1 Million back in August 2015 and published the results for everyone to see. Having just completed another scan of the current Alexa Top 1 Million with additional metrics being tracked, I thought I'd compare the results and see how much progress…
In a previous blog I wrote about how to get started with Let's Encrypt certificates and auto-renewing them. Free certificates are awesome and auto-renewal is even better, but I wasn't quite satisfied with the renewal process so I decided to improve it. Getting started If you aren't already using Let's…
Let's Encrypt, the brand new and free Certificate Authority (CA), is now in public beta and I've just switched over to start using their certificates along with auto-renewal. No more re-issuing every year, that's right, it's all auto-magic! Let's Encrypt! There are many attractions to using Let's Encrypt (LE) but…