The rsync utility can backup files, synchronize directory trees, and much much more, both on the local machine and between two different hosts—via push and pull. Here is how to tame it.
Fixing your Web Server’s Security Headers: From Hall of Shame to Hall of Fame
[Updated 2018-06-10] This post explains how to set up robust security headers in NGINX to protect your web application from malicious payloads and other forms of attacks. Choose your HTTP(S) headers wisely.
Fixing DNS: why you need a Trusted Recursive Resolver and DNS over HTTPS
The DNS system is broken. The sorry state of DNS security exposes your server and your end users to a variety of risks. Some of those risks are preventable.
TLS 1.3 and post-quantum cryptography: unleashing perfect forward secrecy
TLS 1.3 and post-quantum cryptography are subjects of much debate. Upgrade or wait—this is the big question facing administrators and users alike.
There are quite a few reasons to jump onto the TLS 1.3 bandwagon immediately, with or without quantum cryptography. Here is why.
TLS tune-up: how to restrict Firefox to TLS v1.3 and v1.2 to protect from phishing attacks
Only two versions of the TLS (Transport Layer Security) protocol can be considered safe under certain circumstances: TLS 1.3 and TLS 1.2. Trying to get your bank alongside everyone else to fix their websites and web applications is a Herculean task; good luck trying. Even so, you can protect TLS connections by modifying the browser configuration.
It is good to know that there is something you can do to protect at least yourself and the other end users on the networks that you oversee from nasty attacks against their TLS connections. In Firefox, you can restrict the browser to “speak” only TLS 1.3 and TLS 1.2 to limit the attack surface and restrict phishing. Here is how to do it.