I think this video is nice for people that are way over their head with “tech stuff”, as it explains some basic settings that can improve your privacy and security in a few easy taps, and it’s easy to follow.… Read More »10 iOS 13 settings to turn off
Status: sindastra.de is pending submission to the preload list. What this means is that once it is included, your browser will know to access sindastra.de through HTTPS with valid certificate only! No exceptions! This is for your security. This also… Read More »I just submitted sindastra.de to the HSTS Preload List!
You might be running an OpenVPN server and found that your IPv6 clients get their IP leaked. I have a quick fix! The problem If your client machine has IPv4 only, you won’t notice any problems. But if your client… Read More »Quickly kill IPv6 leaks on your OpenVPN server
So you think SSH is secure? Maybe not if you have a flawed config… But I have a solution! Meet Mozilla’s ssh_scan! Mozilla provides a free scanner for SSH, which will quickly give you a grade and recommendations on how… Read More »Scan SSH servers for issues
The X-Content-Type-Options header tells browsers to stop automatically detecting the contents of files. This protects against attacks where they’re tricked into incorrectly interpreting files as JavaScript. Simply set the header to “nosniff”. X-Content-Type-Options is a header supported by Internet Explorer,… Read More »Protect your site from being tricked to run JavaScript that is not JavaScript!
Don’t let just “anyone” issue a certificate for your domain! If you run your website, you probably secure it with HTTPS (if not, you really should). And if you’re techy and smart, you’re using Let’s Encrypt to do so. This… Read More »Securing your website further with Certification Authority Authorization (CAA)
Just a quick one to improve things! Beginning January 2020, SSLLabs.com will give you a grade B if you still have TLS 1.0 or 1.1 enabled, as it’s considered insecure. The following is an example warning you might see: So… Read More »Quickly harden Apache 2 by disabling insecure SSL/TLS and only allowing strong ciphers
SMS 2FA: Two Factor Authentication by SMS.In many cases, it’s better to not have 2FA than SMS 2FA. As a rule of thumb, don’t ever hand out your mobile number to sites. The problem with SMS authentication SMS authentication is… Read More »SMS 2FA is often less secure than no 2FA
It’s way too simple! HSTS further protects your HTTPS enabled website. Read on to figure out how enable it in Apache2 and also why you want it! Prerequisites HTTPS already working with legit certificate, no browser errors Apache mod_headers enabled… Read More »How to enable HSTS on Apache2
What is HSTS and do I want to enable it?If you are a website owner or admin, keep reading to know more! Imagine you are browsing to your online banking page. You are redirected to HTTPS automatically every time, you… Read More »HSTS: HTTP Strict Transport Security