Header Image -

Tag Archives

4 Articles

HSTS – The Missing Summary

by Jamey 0 Comments
HSTS – The Missing Summary

HSTS (HTTP Strict Transport Security) is a feature supported by all major browsers, and it’s a method for websites to declare that they should ONLY be accessed securely over HTTPS and never over an unencrypted HTTP connection. If a site has an HSTS policy, browsers will refuse all insecure connections to that site AND prevent users from accepting insecure SSL certificates. This, however, can come with certain risks to availability if not implemented correctly, as you will read later…

16 views

HTTP/2 – The Missing Summary

by Jamey 0 Comments
HTTP/2 – The Missing Summary

We know our browsers support it, and we know AWS, Akamai, and other big players support it within their infrastructure already…but do your applications and/or on-prem infrastructure have what it takes to leverage the awesomeness that is HTTP/2?

Think about it. We went from HTTP/0.9, to HTTP/1.0, to HTTP/1.1…to a full version upgrade of HTTP/2. That alone should tell you that there are some very interesting features lurking underneath the hood. This is the missing in-depth summary that you have been missing while being overloaded with too much information reading official specs and getting lost in sensory-overload-causing diagrams. Welcome to HTTP/2 – the missing summary.

9 views

Nginx HTTP-to-HTTPS AND domain.com-to-WWW Redirect Using AWS ELB for SSL Termination

by Jamey 0 Comments
Nginx HTTP-to-HTTPS AND domain.com-to-WWW Redirect Using AWS ELB for SSL Termination

You are running Nginx as a webserver or reverse proxy, and you are terminating SSL on an Amazon Elastic Loadbalancer.

The loadbalancer is passing HTTP traffic from port 80 to HTTP port 80 on your EC2 instance(s).

The loadbalancer is decrypting HTTPS traffic from port 443 and also passing it on to HTTP port 80 on your EC2 instance(s).

You are looking for the following functionality:

http://domain.com => https://www.domain.com
https://domain.com => https://www.domain.com
http://www.domain.com => https://www.domain.com
https://www.domain.com => https://www.domain.com

4 views