OK, so we have a secure website, hosted on Amazon S3, and served up via HTTPS by CloudFront with an Amazon SSL Certificate. But, as we know from last time, we also have to express this security through our response headers. It was fairly easy with Azure – after all, it’s “just” IIS back there, and web.config is the answer to everything once you know the magic incantations – but how to do the same thing on AWS? […]
So there I was, patting myself on the back for making an Azure static website secure (with all the right headers, natch), when I gave myself a quick nod: yep, let’s do the same for this other static website, one that’s hosted on Amazon S3. Morceau de gâteau! […]
READ MORERemember how I was congratulating myself that I’d made my jmbucknall.com static website, that is hosted on Azure, secure? How I’d bought and uploaded an SSL certificate, and made the site only accessible via HTTPS? Well, HA! […]
READ MOREOne thing that’s been niggling at the back of my mind for a little while, is that of making my various domains secure. Getting and installing a certificate. Making HTTPS the default. Using SSL. All that jazz, mostly triggered by the news that Chrome and Firefox are going to start shaming – er, sorry, indicating in the address bar – those sites that are not secure. […]
READ MORE