- Apr 01, 2018
-
-
* hardening SSL + HEADER + global option == no-sslv3 no-tls-tickets force-tlsv12 - CAMELIA CIPHER == on the way to be NIST & HIPAA Compliant + redirect only if not already SSL + Hardening HEADER with: ++ X-Frame-Options:\ SAMEORIGIN # OR DENY is another option ++ X-XSS-Protection ++ X-Content-Type-Options == nosniff ++ Referrer-Policy == no-referrer-when-downgrade which bring the security headers grade from E to B tested with https://securityheaders.io NOTE: Public-Key-Pins is more or less a DEAD project (https://blog.qualys.com/ssllabs/2016/09/06/is-http-public-key-pinning-dead) Content-Security-Policy is tricky to make it GENERAL * i forget the if
-
- Jan 06, 2017
-
-
Pierre Ozoux authored
-
- Dec 22, 2016
-
-
Pierre Ozoux authored
-
- Dec 14, 2016
-
-
Pierre Ozoux authored
-
- Nov 26, 2016
-
-
Pierre Ozoux authored
-
Pierre Ozoux authored
-
Pierre Ozoux authored
-
Pierre Ozoux authored
-
- Nov 25, 2016
-
-
Pierre Ozoux authored
-
Pierre Ozoux authored
-
Pierre Ozoux authored
-
Pierre Ozoux authored
-
- Nov 20, 2016
-
-
Pierre Ozoux authored
-
- Oct 12, 2016
-
-
Pierre Ozoux authored
-
Pierre Ozoux authored
-
- Aug 06, 2016
-
-
Pierre Ozoux authored
-
Pierre Ozoux authored
-
- Jul 21, 2016
-
-
Pierre Ozoux authored
-
Timothee Gosselin authored
add default.pem to resolve race condition issue
-
- May 30, 2016
-
-
Pierre Ozoux authored
-
- Feb 25, 2016
-
-
Pierre Ozoux authored
-
- Jan 09, 2016
-
-
Pierre Ozoux authored
-
- Dec 21, 2015
-
-
Pierre Ozoux authored
-
Pierre Ozoux authored
-
