LetsEncrypt offers free SSL certificates for websites, allowing you to protect users who access your site. This guide will go step by step moving an unencrypted HTTP website to using HTTPS on Nginx. For the purpose of this guide, I’ll be using the website guide.highguard.net. There is no content there. Lets start with the site…
Month: July 2017
Google and Mozilla are pushing for HTTPS to be everywhere
If your default browser is Firefox or Chrome you have have notice recently that both browsers are starting to take a harder stance on insecure login pages. Whenever inputting text to a field, or when on a login page not secured with HTTPS, both Firefox and Chrome have their own ways of notifying users that…
Annoying Web Scanners with Zip Bombs
This one can be filed squarely under “so dumb it works”. This practice wont really do much to increase practical security of a website, but it does create roadblocks for the guys running the tools that look for holes in your security. Zip Bombs are really large files that are basically empty, so that when…