Protect your site from being tricked to run JavaScript that is not JavaScript!

The X-Content-Type-Options header tells browsers to stop automatically detecting the contents of files. This protects against attacks where they're tricked into incorrectly interpreting files as JavaScript. Simply set the header to "nosniff". X-Content-Type-Options is a header supported by Internet Explorer, Chrome and Firefox 50+ that tells the browser not to load [...]

2019-11-02T09:12:30+01:00 | October 29th, 2019 | Tech Support | 0 Comments

How to enable HSTS on Apache2

It's way too simple! HSTS further protects your HTTPS-enabled website. Read on to figure out how to enable it in Apache2 and also why you want it! Prerequisites: HTTPS already working with a legit certificate and no browser errors; Apache mod_headers enabled. Enabling mod_headers: on a Debian-based system, simply run: a2enmod headers [...]

2020-01-31T12:17:54+01:00 | October 15th, 2019 | Tech Support | 0 Comments

How to SSH with GPG (and smart card)

Useful for using SSH securely with a smart card / hardware token / YubiKey / etc. Prerequisites: Of course, you need to have GPG installed on your system, and possibly some drivers and applications to support your smart card / hardware token if used. This guide assumes you already have [...]

2021-05-16T19:46:47+02:00 | September 13th, 2019 | Tech Support, Wiki | 0 Comments

Hardened GPG config

This is just a quick post to share a hardened gpg.conf. Usually stored in ~/.gnupg/gpg.conf:

personal-cipher-preferences AES256 AES192 AES
personal-digest-preferences SHA512 SHA384 SHA256
personal-compress-preferences ZLIB BZIP2 ZIP Uncompressed
default-preference-list SHA512 SHA384 SHA256 AES256 AES192 AES ZLIB BZIP2 ZIP Uncompressed
cert-digest-algo SHA512
s2k-digest-algo SHA512
s2k-cipher-algo AES256
charset utf-8
fixed-list-mode
no-comments
no-emit-version
[...]

2019-09-13T09:56:16+02:00 | September 13th, 2019 | Tech Support, Wiki | 0 Comments