Cloud Insidr

Cybersecurity in the Age of the Machine

  • Subscribe!
  • Privacy Policy
  • Legal
  • Contact Us

Join us on Twitter: @CloudInsidr

  • news & alerts
    • events
    • industry analysis
    • industry gossip
    • people
  • cloud, edge & co.
    • AWS
    • administration & orchestration
      • web servers in the cloud
      • mail servers
      • databases
  • cybersec & warfare
    • encryption
  • blockchain
Home Archives for HSTS
Fixing your Web Server’s Security Headers: From Hall of Shame to Hall of Fame

Cloud Insidr 2020-12-04 14 Comments

Fixing your Web Server’s Security Headers: From Hall of Shame to Hall of Fame

[Updated 2020-12-04] This post explains how to set up robust security headers in NGINX to protect your web application from malicious payloads and other forms of attacks. Choose your HTTP(S) headers wisely.

[Read more…]

Filed Under: cloud, edge and everything in between, cybersecurity and cyber warfare, encryption, NGINX, Uncategorized, web servers in the cloud Tagged With: clickjacking, CSRF, HPKP, HSTS, MITM, x509, XSS

How to Activate HTTP/2 with TLS 1.3 Encryption in NGINX for Secure Connections without a Performance Penalty

Filipe Martins 2018-10-04 5 Comments

How to Activate HTTP/2 with TLS 1.3 Encryption in NGINX for Secure Connections without a Performance Penalty

 

Are you ready for a better security with no performance penalty? Are you ready for a performance bump that can take you places in search engine land? In other words: now that HTTP/2 reached production-grade maturity, nothing should hold you back.

The IoT  revolution will make sure that only the paranoid survive.

[Read more…]

Filed Under: cloud, edge and everything in between, cybersecurity and cyber warfare, web servers in the cloud Tagged With: cipher suites, Diffie-Hellman, ECDHE, FLAME, HSTS, HTTP/2, NGINX, SHA-1, SHA-2, SSL, TLS

Join Cloud Insidrs!

Symantec Code Signing (200x200)

Tag Cloud

automation AWS Azure Azure Active Directory Azure Arc Azure Lighthouse Azure Resource Manager certbot certificate clickjacking cron CSRF cyber security DD-WRT DNS over HTTPS DoH domain firmware Gemalto HPKP HSTS IAM letsencrypt log logs MFA MITM Netgear network router SELinux time stamp tip Whois WiFi x509 XSS
Secure Site with EV (160x600)

Pearson Education (InformIT)

Pearson Education (Peachpit)

Thawte Code Signing (200x200)

  • Content purchasing and syndication