Posts tagged with 'https'


AWS Security Headers – done, right?

3 years ago

So a couple of days ago, I had a free half hour, so decided to check that the open source JavaScript libraries I use in my various websites were up to date. Rather than open up the base source files and check, I decided to be hip and use Firefox’s Developer Tools console window instead, when suddenly… […]

READ MORE
Sun 29-Aug-2021 4:05 PM Blog / tags: aws security ssl https No Comments

Revamped Boyet – redux

5 years ago

In less than a week, after almost ten years (!), the GoDaddy hosting plan I had for this site will expire. Transferring it and all its existing content to Microsoft Azure (and securing it along the way) has been a journey and a half, let me tell you, and over the past month or so – you may have noticed when stuff didn’t work – I’ve been finalizing all the tweaks I had to do. For future reference, here in no particular order were some of the last minute fine-tuning I had to do. […]

READ MORE
Sun 10-Feb-2019 1:15 PM Blog / tags: azure security https csp amazon No Comments

Content Security Policy is hard, and then there’s Pinterest and AddThis

6 years ago

Over the past month, I’ve embarked on an update of my blogging sites to make them secure. All told, I maintain three, all using GraffitiCMS as the backend: this site, 64SAINT.com, and my wife’s crafting site. […]

READ MORE
Fri 6-Jul-2018 2:42 PM Blog / tags: security https csp ssl No Comments

Making an AWS static website EVEN MORE secure

6 years ago

OK, so we have a secure website, hosted on Amazon S3, and served up via HTTPS by CloudFront with an Amazon SSL Certificate. But, as we know from last time, we also have to express this security through our response headers. It was fairly easy with Azure – after all, it’s “just” IIS back there, and web.config is the answer to everything once you know the magic incantations – but how to do the same thing on AWS? […]

READ MORE
Sat 21-Apr-2018 5:20 PM Blog / tags: https ssl certificate amazon-s3 No Comments

Making an AWS static website secure

6 years ago

So there I was, patting myself on the back for making an Azure static website secure (with all the right headers, natch), when I gave myself a quick nod: yep, let’s do the same for this other static website, one that’s hosted on Amazon S3. Morceau de gâteau! […]

READ MORE
Fri 20-Apr-2018 9:15 AM Blog / tags: https ssl certificate 3 Comments

Making an Azure static website EVEN MORE secure

6 years ago

Remember how I was congratulating myself that I’d made my jmbucknall.com static website, that is hosted on Azure, secure? How I’d bought and uploaded an SSL certificate, and made the site only accessible via HTTPS? Well, HA! […]

READ MORE
Mon 19-Mar-2018 5:20 PM Blog / tags: ssl certificate https 5 Comments

Making an Azure static website secure

6 years ago

One thing that’s been niggling at the back of my mind for a little while, is that of making my various domains secure. Getting and installing a certificate. Making HTTPS the default. Using SSL. All that jazz, mostly triggered by the news that Chrome and Firefox are going to start shaming – er, sorry, indicating in the address bar – those sites that are not secure. […]

READ MORE
Sat 17-Mar-2018 5:55 PM Blog / tags: ssl certificate https 1 Comment