Barry Frost

This is Barry Frost’s personal website.

Tagged #ssl
Reposted Venntro Development Venntro Development’s post on Twitter
New post: "Automating the build and deployment of our team site with Jekyll, GitHub, Travis, S3 and CloudFront" https://dev.venntro.com/2017/10/26/automating-the-build-and-deployment-of-our-team-site-with-jekyll-github-travis-s3-and-cloudfront.html

Moving to HTTPS

Guide to how to move your site from HTTP to HTTPS

How Etsy Manages HTTPS and SSL Certificates for Custom Domains on Pattern

Nice pricing change(s) from @heroku: free SSL beta and dyno hour flexibility https://blog.heroku.com/archives/2016/5/18/announcing_heroku_free_ssl_beta_and_flexible_dyno_hours

Using Heroku for a custom domain with SSL suddenly became much more attractive (and affordable), especially for people running personal #indieweb sites.

SSL config generator

securityheaders.io

securityheaders.io is a handy site for testing whether your website’s server is sending sensible headers. Think of it like SSL Test for a few nitty-gritty details.

In reply to https://kylewm.com post on kylewm.com
Since getting into #indieweb stuff, I’ve seen way more sites go down because of an expired HTTPS cert than expired domain registration.

Thanks for the reminder. My single-domain certificate was about to expire so I’ve upgraded to a new Comodo wildcard one ready for some secure subdomain projects. It would be great if this auto-renewed but I think I need to manually renew it unfortunately.

Using camo for SSL image proxying

I’ve just set up SSL image proxying on my website through camo to make sure any external non-https images are served via https. Camo is a simple HTTP proxy that also encrypts URLs with HMAC to prevent someone piggy-backing off your service.

Read full post…

camo

HTTP proxy to simplify routing images through an SSL host

Best nginx configuration for security

SHAAAAAAAAAAAAA

Checks for (weak) SHA-1 certificates

Setting up SSL with nginx

“(using a NameCheap EssentialSSL wildcard certificate on DigitalOcean)”

SSL Server Test

“This free online service performs a deep analysis of the configuration of any SSL web server on the public Internet.”

Switch to HTTPS Now, For Free

How to use StartSSL to get a free SSL cert and configure it with nginx

Socky

Real-time browser-server communication using WebSockets where available, falling back to Flash sockets where not

macosxhints.com - How to create a secure (HTTPS) OS X webserver

Redirect To SSL Using Apache’s .htaccess

Http-https transitions and relative URLs

Didn’t know this - href=“//myserver.com/image.jpg” maintains the HTTP/HTTPS state. Very handy for checkout pages

Charles

HTTP/HTTPS/SSL Monitor/Proxy/Reverse Proxy

Particletree » Subdomains Development = Sucks

Good reasons to avoid subdomains - pricipally wildard SSL certs are expensive and testing is harder