
HTTP security


Thread replies: 10
Thread images: 1

This is a general HTTP security thread for anyone willing to discuss, help newbies or learn more about HTTP security in general.

Who among you is running your own Web server? Do you secure your traffic with TLS and HTTP security headers? Do you enforce a secure connection using HSTS [1]? Do you ensure that user agents pin your server's public certificate with HPKP [2]? Do you enforce content restrictions with CSP [3]?

The following websites help you check your server's security:
https://www.ssllabs.com/ssltest/index.html
https://observatory.mozilla.org/
https://securityheaders.io/

Or you can do a basic check yourself using the following tools:
sslscan
sslyze
observatory-cli

[1] https://tools.ietf.org/html/rfc6797
[2] https://tools.ietf.org/html/rfc7469
[3] https://www.w3.org/TR/CSP2/
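
A basic self-check of the three headers named in the opening post, as an added example that is not part of the original thread: it parses captured response headers offline and flags a missing or short-lived HSTS policy, an HPKP header without a backup pin, and a CSP that allows inline or eval'd script. The finding names, the 180-day HSTS threshold and the sample headers are assumptions made for illustration.

```python
def parse_directives(value):
    """Split 'a=1; b; c="x"' into (lowercased name, value or None) pairs."""
    out = []
    for part in value.split(";"):
        name, sep, val = part.strip().partition("=")
        if name:
            out.append((name.strip().lower(), val.strip().strip('"') if sep else None))
    return out

def max_age(directives):
    for name, val in directives:
        if name == "max-age" and val and val.isdigit():
            return int(val)
    return None  # directive absent or not a non-negative integer

def audit(headers, min_hsts_age=15552000):  # 180 days, an assumed threshold
    h = {k.lower(): v for k, v in headers.items()}
    findings = []
    hsts = h.get("strict-transport-security")  # RFC 6797
    if hsts is None:
        findings.append("hsts-missing")
    else:
        age = max_age(parse_directives(hsts))
        if age is None:
            findings.append("hsts-no-max-age")
        elif age < min_hsts_age:
            findings.append("hsts-short-max-age")
    hpkp = h.get("public-key-pins")  # RFC 7469; audited only when sent
    if hpkp is not None:
        d = parse_directives(hpkp)
        if max_age(d) is None:
            findings.append("hpkp-no-max-age")
        if len({v for n, v in d if n == "pin-sha256" and v}) < 2:
            findings.append("hpkp-no-backup-pin")  # a second pin is required
    csp = h.get("content-security-policy")
    if csp is None:
        findings.append("csp-missing")
    for directive in (csp or "").lower().split(";"):
        tokens = directive.split()
        if tokens and tokens[0] in ("default-src", "script-src"):
            findings += ["csp-%s-%s" % (tokens[0], t.strip("'"))
                         for t in tokens[1:] if t in ("'unsafe-inline'", "'unsafe-eval'")]
    return findings

# Constructed sample headers (placeholder pin value, not a real key hash).
WEAK = {
    "Strict-Transport-Security": "max-age=300",
    "Public-Key-Pins": 'pin-sha256="PRIMARY_PIN_PLACEHOLDER="; max-age=5184000',
    "Content-Security-Policy": "default-src 'self'; script-src 'self' 'unsafe-inline'",
}
```

Calling `audit(WEAK)` returns the three findings for the sample; to check a live server, pass in the header dictionary from whatever HTTP client you already use.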
>>
>>60780571
I really like the idea of this thread, but sadly I think it's a bit too specific to gain any real traction.
>>
>>60780922
My DNS security thread was a little more prosperous, yes. I'm thinking of merging both threads, but I fear that would cause the thread to be too broad and generic. What do you guys think?
>>
>>60781084
This topic is already extremely specific, I don't think that merging the threads would be too 'generic' at all.

That being said, I think this would make a lot more sense to be part of the Web Dev general, or perhaps something along the lines of "Web Security General"

Either way, I'm off for tonight. Best of luck anon, I'll keep an eye out for your threads.
>>
>>60781296
Thanks for your input, mate. Good night and see you around.
>>
>>60781084
Why not just make a general focusing on security? That's a broad enough topic for the thread not to die while still being specific enough to differ from other threads.
>>
>>60780571
TLS 1.2 only
>>
Currently studying for CCENT. I find these threads very helpful as they give some real world insights. Really looking forward to security general, since I'm going to specialize in that field. Cheers
>>
>>60782113
I might also add some RPKI [1] for you next time, seeing as you aspire to be a network security engineer. Gonna be interesting since I'm a little foggy on the details after a few years, and, guess what, because it hasn't caught on yet (just like IPv6, DNSSEC, DANE, etc! :c )

[1] https://tools.ietf.org/html/rfc6810
>>
>>60782051
Sounds interesting, I might. Seeing as we're limited to a maximum amount of characters for a post I'll also have to be very selective in what I'll include. Good practice.