Are you ready for a better security with no performance penalty? Are you ready for a performance bump that can take you places in search engine land? In other words: now that HTTP/2 reached production-grade maturity, nothing should hold you back. The IoT revolution will make sure that only the paranoid survive.
Attack vectors against TLS, implementation bugs, and how to mitigate TLS vulnerabilities
In light of documented TLS vulnerabilities and implementation bugs, understanding known attack vectors becomes a necessity.
TLS 1.3 (with AEAD) and TLS 1.2 cipher suites demystified: how to pick your ciphers wisely
Until the day TLS 1.3 becomes widely supported, web servers must rely on a fallback to TLS 1.2 with correctly configured server directives and strong cipher suites. Pick the wrong settings, and you declare an open season on your server.
How to Activate HTTP/2 with TLS 1.3 Encryption in NGINX for Secure Connections without a Performance Penalty
Are you ready for a better security with no performance penalty? Are you ready for a performance bump that can take you places in search engine land? In other words: now that HTTP/2 reached production-grade maturity, nothing should hold you back.
The IoT revolution will make sure that only the paranoid survive.
A fix for Spectre & Meltdown: update your Linux kernel in place (running CentOS/RHEL 7 or above), and live happily ever after
If you launch an instance from the official CentOS or RHEL 7.x AMI on AWS, you will be running kernel 3.1 as of this writing. That’s not a good idea. You can easily take advantage of improved security features of newer kernels that are already available in a stable release. The renowned Linux kernel maintainer Greg Kroah-Hartman released the Linux Kernel 4.14.15, which includes important fixes for Spectre & Meltdown. Here is how to update your Linux kernel from 3.1 to 4.16.11 in place.
Tip: assign a secondary IP to an EC2 instance in an AWS VPC
A secondary IP per EC2 instance running in a VPC has several advantages. It allows you to use more than one SSL certificate for your web server.
Assigning a secondary IP to an EC2 instance in a VPC is easy when you know how to get started. Here are some useful resources:
- 1
- 2
- 3
- …
- 13
- Next Page »