CHAT about SSL (https)
Posted
#4662
(In Topic #940)
tips, and solutions to make your site SSL
Hello,Just spent a bunch of time to get my site working with SSL (https) properly and learned many things and can help anyone else doing the same thing.
I host my site on my own DIY server (ubuntu & apache) so I had to sort it all out but now according to ::
SSL Server Test (Powered by Qualys SSL Labs)
My site has a score of : B
I am curious how your site is ranked? If you are on a professional server my guess is they have it set up fine.
Another site that gives details about SSL settings of your site:
https://ssldecoder.org/
For fun I tested
Composr CMS
Open Source CMS with advanced social, interactive and dynamic features. Fully flexible, themeable and extendible: suitable for building powerful websites.
ranked: B
ssldecoder.org warns about HTTP Strict Transport Security not set. OCSP Stapling not enabled.
Some good tutorials I found:
Configuring Apache, Nginx, and OpenSSL for Forward Secrecy | Qualys
Update: This post is obsolete. For guidance on how to deploy TLS securely, please read SSL/TLS Deployment Best Practices, which we always keep up to date. In my earlier blog post, I gave an overview…
https://www.digicert.com/ssl-support/ssl-enabling-perfect-forward-secrecy.htm#apache_forward_secrecy
ssl - Let's Encrypt - Apache - OCSP stapling - Unix & Linux Stack Exchange
Posted
Moderator
ssldecoder.org warns about HTTP Strict Transport Security not set. OCSP Stapling not enabled.
We are redirecting http traffic to https, which is equivalent.
IIRC this is done via our .htaccess file.
I think to get top grade on these kinds of tools you usually need to sacrifice some browser compatibility, or suffer slower initial handshake times connecting. It gets pretty complicated.
Posted
Moderator
0 guests and 0 members have recently viewed this.