There has been a huge focus on encryption on the web recently, with lots of that centred around HTTP with things like HTTPS and HSTS. Now we're taking the same concept and extending it to email with MTA-STS, or Mail Transfer Agent Strict Transport Security. MTA-STSYou can read about MTA-STS…
Tag: Report URI
Total 36 Posts
It's been an interesting ride over the last few years but HPKP, or HTTP Public Key Pinning, is finally coming to the end of its tenure. With support now gone in the last remaining browser, HPKP has been consigned to the scrap heap. HPKPI first wrote about HPKP back in…
Everybody knows I'm a rather large fan of CSP and an even bigger fan of CSP reporting, but CSP can be hard. Part of my personal mission has been to make that easier and a lot of the tools and content I create are focused around that. To that end,…
I've spoken a lot about Certificate Transparency on my blog recently and how powerful it is for site operators to be able to keep track of certificates issued for their domains. We plan to make that even easier by integrating CT monitoring into Report URI. Certificate TransparencyThe TLDR; of Certificate…
I've worked at some great companies during my career and worked alongside some great people too. Many of those I still keep in contact with and recently I spoke to an old colleague about joining him on a webinar to discuss bots, bot mitigation and the problems that bots pose.…
It's no secret that we use Cloudflare Workers extensively at Report URI and once you're using a Worker, you can keep adding more functionality to it. Here's our latest update on the things we're doing with our Worker! Cloudflare WorkersThere's plenty of documentation out there on Cloudflare Workers and I've…
Is your security up to scratch? How do you know? Would you like to know? Security is becoming more and more important each day and it's something I have a keen desire to keep on top of. Over at Report URI we recently had ourselves tested against a UK Government…
It was our most requested feature and simultaneously really simple and really complicated, but it's finally here. DMARC reporting allows you to detect and prevent fraudulent emails being sent that claim to be from your domain when they aren't. DMARC reports are another valuable source of information that you can…
I'm a strong supporter of 2FA and we implemented it some time ago on Report URI. All users can use 2FA on their account for free, whether they pay for a subscription or not, and it represents a great way to boost the security of your account. However, problem does…
We use Cloudflare Workers extensively at Report URI and over the last few months we've been testing a major update to how we use them. With this recent change we've seen a monstrous drop in the volume of traffic we're handling at our origin. Here's how we did it. Report…
