An SPF record is basically a DNS record of the TXT type, which contains information about who may send email from your domain. It is used to avoid spoofing and spam. So how does it work? Basically, when a (decent)… Read More »What is an SPF record? And why use them?
Don’t let just “anyone” issue a certificate for your domain! If you run your website, you probably secure it with HTTPS (if not, you really should). And if you’re techy and smart, you’re using Let’s Encrypt to do so. This… Read More »Securing your website further with Certification Authority Authorization (CAA)
Just a quick one to improve things! Beginning January 2020, SSLLabs.com will give you a grade B if you still have TLS 1.0 or 1.1 enabled, as it’s considered insecure. The following is an example warning you might see: So… Read More »Quickly harden Apache 2 by disabling insecure SSL/TLS and only allowing strong ciphers
If you use Threema, you probably know of the “Threema Web” feature.But did you know it’s open source? So what’s Threema Web? It’s basically a web application, that connects with your phone and allows you to chat on your desktop… Read More »Self-Hosting Threema Web
Now that we covered virtualization on Mac, let’s go over to Windows! Microsoft Hyper-V If you have Windows 10 Pro or better (includes Education and Enterprise), then you already have a native virtualization option on board! To enable it, simply… Read More »Virtualization on Windows
Just wanted to share a one-liner on how to encrypt a device,partition or volume with cryptsetup (dm-crypt/luks)and options to get you started! The idea is simple: You create a crypto container on a disk/partition/volume/file/whatever, you then unlock that container, and… Read More »Linux full-disk-encryption
Here’s a list of OpenVPN clients I recommend for various platforms. Windows Use the official open source community client. https://openvpn.net/community-downloads/ Mac Use the open source Tunnelblick client which is both OpenVPN and GUI in one app. https://tunnelblick.net/ Linux Use your… Read More »OpenVPN clients: A list
What is HSTS and do I want to enable it?If you are a website owner or admin, keep reading to know more! Imagine you are browsing to your online banking page. You are redirected to HTTPS automatically every time, you… Read More »HSTS: HTTP Strict Transport Security
Enhance your privacy and security with this guide! If you don’t know what DoT or DoH are, check out my earlier post! This guide assumes you are running the latest version of Firefox, which you should be doing anyway, as… Read More »How to set up DoH (DNS over HTTPS) in Mozilla Firefox (and optionally block ads)
Here are just some DNS over TLS and DNS over HTTPS providers to get you started, but there are many more and you should evaluate your options. Make sure to check each provider’s privacy policy. Please note that the following… Read More »A list of some DNS providers (servers) with encryption (DoT and DoH)