Thread replies: 21
Thread images: 11
Thread images: 11
Anonymous
Practice what you preach 2017-05-16 07:18:07 Post No. 60433205
[Report] Image search: [Google]
Practice what you preach 2017-05-16 07:18:07 Post No. 60433205
[Report] Image search: [Google]
File: Screenshot_20170515-220240_01.png (86KB, 1918x1004px) Image search:
[Google]
86KB, 1918x1004px
Does /g/ live up to its big mouth? Prove it here.
https://www.ssllabs.com/ssltest/index.html
https://observatory.mozilla.org/
>>
File: Screen Shot 2017-05-16 at 3.20.11 PM.png (59KB, 1053x474px) Image search:
[Google]
59KB, 1053x474px
All the websites I run are pretty small so I don't care about compatibility. But I don't pin my certificates (I should enable CAA, though, but my Nameserver doesn't support it) because I don't trust myself to prevent a catastrophic fuckup.
>>
>>60433255
That's just fine, Anon. I can afford exclusively using the stronger cipher suites and TLS 1.2 only, but if you serve a lot of customers you really have to make concessions, I get it. You're doing great. Are you using your own name servers or some third party's, btw?
>>
I got an f
>>
>>60434529
Great stuff, sport.
>>
File: Screenshot_20170516-235002.png (120KB, 1080x1920px) Image search:
[Google]
120KB, 1080x1920px
Are these yours?
>>
File: Screen Shot 2017-05-16 at 4.54.37 PM.png (51KB, 976x440px) Image search:
[Google]
51KB, 976x440px
Using cloudflare
>>
File: Screen Shot 2017-05-16 at 4.56.11 PM.png (46KB, 978x403px) Image search:
[Google]
46KB, 978x403px
Not using cloudflare
>>
File: 1488486853822.jpg (41KB, 600x401px) Image search:
[Google]
41KB, 600x401px
By the way, where can i get certificates for free?
>>
>>60436314
Let's Encrypt
>>
Meh. I have a cert from LetsEncrypt, but it's hosted on a RPi that's piggybacked on my local coffeeshop's network.
They left the config pw on default so I opened some ports :^)
>>
File: 1473618784175.jpg (81KB, 900x506px) Image search:
[Google]
81KB, 900x506px
>>60436421
Thanks
>>
File: Screenshot_2017-05-16-16-12-11-1.png (32KB, 1266x422px) Image search:
[Google]
32KB, 1266x422px
>>60436508
Forgot pic
>>
File: 2017-05-16-232121_992x538_scrot.png (40KB, 992x538px) Image search:
[Google]
40KB, 992x538px
Just quickly got CAA set up in my zone file, but it was A+ before that.
>>
>>60436529
Those scores should be enough for an A+. What's capping you to an A?
>>
>>60436828
Don't have CAA set up, I think
>>
>>60436845
CAA isn't necessary for an A+
>>
>>60436314
I use AWS to host my site on S3.
They have a free SSL cert service that is quite nice, and you can attach the cert to a CloudFront instance which is their CDN service.
Of course it is easier to have everything on AWS like I am doing, but your Cloudfront can be a cdn/cache for any domain.
>>
File: cloudfront_ssl.png (83KB, 1177x533px) Image search:
[Google]
83KB, 1177x533px
>>60437561
My site setup this way got "A" on ssllabs.com for the ip4 hosts, and a warning apparently due to the ip6 hosts.
Got an F from mozilla for reasons in pic. I am using mostly default settings on cloudfront so I don't know if those issues can be fixed.
>>
File: Screen Shot 2017-05-16 at 7.13.02 PM.png (166KB, 1185x717px) Image search:
[Google]
166KB, 1185x717px
>>60437943
>>
>>60438244
>not needed since site contains no script tags
good for you anon
Thread posts: 21
Thread images: 11
Thread images: 11