tls

The future of Certificate Authorities

With the advent of the fully automated and free of cost certificate authorities Let’s Encrypt and StartCom there is no doubt that the future of CAs are changing.

Let’s Encrypt for Nginx

Security, Server

Let’s install an SSL-certificate from Let’s Encrypt for Nginx.

Redirect all HTTP requests to HTTPS with Nginx

Server

All login credentials transferred over plain HTTP can easily be sniffed by an MITM attacker, but is is not enough to encrypt the login forms. If you are visiting plain HTTP pages while logged in, your session can be hijacked, and not even two-factor authentication will protect you. To protect all info sent between your …

Redirect all HTTP requests to HTTPS with Nginx Read More »

Optimizing HTTPS on Nginx

Performance, Security, Server

Now that you have secured Nginx with HTTPS and enabled SPDY enabled HTTP/2, it’s time to improve both the security and the performance of the server.

Securing Nginx with HTTPS

Security, Server

Adding a certificate and using the HTTPS protocol is a good improvement to the security in the communication between the browser and the server, and should be in place on all sites that have a user login. Contrary to what many (older) guides say, it doesn’t add much load on your server and is fairy …

Securing Nginx with HTTPS Read More »