Hacker News
- Paypal.com is using revoked certificate https://www.ssllabs.com/ssltest/analyze.html?d=paypal.com&hideResults=on&s=64.4.250.36 20 comments
- 1.1.1.1 doesn't have a valid TLS cert, only cloudflare-dns.com https://www.ssllabs.com/ssltest/analyze.html?d=1.1.1.1 2 comments
- Nitter SSL Cert Expired https://www.ssllabs.com/analyze.html?amp%3BhideResults=on&%3Blatest=&d=nitter.net 2 comments
- Apple.com Gets F in SSL Test, vulnerable to zombie POODLE https://www.ssllabs.com/ssltest/analyze.html?d=apple.com&latest= 5 comments
- SSL Labs Client Test https://www.ssllabs.com/ssltest/viewMyClient.html 2 comments
- SSL/TLS Deployment Best Practices v1.3 https://www.ssllabs.com/projects/best-practices/ 37 comments
- SSL Report: duckduckgo.com https://www.ssllabs.com/ssltest/analyze.html?d=duckduckgo.com&s=50.18.192.251 47 comments
- Quick online tool to check SSL configurations https://www.ssllabs.com/ssldb/analyze.html?d=https%3A%2F%2Fnews.ycombinator.com 15 comments
- Hunchentoot does not send the whole certificate chain https://www.ssllabs.com/ssltest/ 5 comments lisp
- Spreadprivacy.com TLS Certificate Issue https://www.ssllabs.com/ssltest/analyze.html?d=spreadprivacy.com 4 comments duckduckgo
- Palo Alto Global Protect SSL https://ssllabs.com 3 comments sysadmin
- Fullchain certificate SSL https://ssllabs.com 15 comments sysadmin
- Certificate revocation is a mess https://www.ssllabs.com/ssltest/index.html 5 comments firefox
- Letsencrypt behind walled garden not working all of a sudden https://ssllabs.com 16 comments sysadmin
- cdnjs.cloudflare.com is down. Cause: misconfigured SSL cert https://www.ssllabs.com/ssltest/analyze.html?d=cdnjs.cloudflare.com 3 comments programming
- Application Load Balancer Security Policy change not reflecting in SSL scan https://www.ssllabs.com/ssltest/index.html 4 comments aws
- Help with Nginx SSL Config https://www.ssllabs.com/ssltest/index.html 4 comments sysadmin
- The best SSL web tools. Do you know any other? https://www.ssllabs.com/ 5 comments sysadmin
- SSL Cipher Suites Windows and Linux https://ssllabs.com 3 comments sysadmin
- You want use Gigabyte online support? Ok! You need to create a account for that, BUT look first how *not* secure their servers are https://www.ssllabs.com/ssltest/analyze.html?d=passport.gigabyte.com 24 comments netsec
- This server accepts RC4 cipher, but only with older protocols. Grade capped to B. - How do I fix this (I've looked all over) https://www.ssllabs.com/ssltest/analyze.html?d=www.linuxliaison.org 5 comments sysadmin
- Decent Online Security / Vulnerability Scanners? https://www.ssllabs.com/ssltest/ 7 comments selfhosted
- [NP] The Bangalore Water Supply and Sewage Board's website might be compromised. Whom can I contact about this? https://www.ssllabs.com/ssltest/analyze.html?d=bwssb.gov.in 10 comments india
- PSA: Sophos Web Appliance authorization connects to the most insecure page, ever. https://www.ssllabs.com/ssltest/analyze.html?d=wsa-reg.sophos.com 12 comments sysadmin
- Proper HTTP>HTTPS forwarding in nginx https://www.ssllabs.com/ssltest/ 11 comments sysadmin
- Chrome dropped support for secp521r1??? https://www.ssllabs.com/ssltest/viewMyClient.html 4 comments chrome
- Trying to get my "A+" on Qualys SSL Labs back. https://www.ssllabs.com/ssltest/analyze.html?d=komic.eu 19 comments debian
- Test any websites grade of SSL encryption https://www.ssllabs.com/ssltest/ 3 comments privacy
- Youtube finally supports TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 which means you can now disable RC4 in firefox and still watch Youtube videos! (x-post from /r/netsec) https://www.ssllabs.com/ssltest/analyze.html?d=r16---sn-5hnezn7r.googlevideo.com 11 comments firefox
- Youtube finally supports TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 which means you can now disable RC4 in firefox and still watch Youtube videos! https://www.ssllabs.com/ssltest/analyze.html?d=r16---sn-5hnezn7r.googlevideo.com 14 comments netsec
- Windows / SSL hardening https://www.ssllabs.com/ssltest/ 9 comments sysadmin
- In light of the recent OpenSSL vulnerability, perform an SSL checkup: Qualys SSL Server Test https://www.ssllabs.com/ssltest/ 3 comments sysadmin
- SSL/TLS Deployment Best Practices v1.3 https://www.ssllabs.com/projects/best-practices/ 2 comments sysadmin
- SSL/TLS Deployment Best Practices v1.3 https://www.ssllabs.com/projects/best-practices/ 42 comments netsec
- SSL/TLS Deployment Best Practices https://www.ssllabs.com/downloads/ssl_tls_deployment_best_practices_1.3.pdf 18 comments netsec
- startpage has followed in duckduckgo's footsteps and added support for Forward Secrecy https://www.ssllabs.com/ssltest/analyze.html?d=startpage.com&s=69.28.209.213 3 comments privacy
- SSL/TLS Deployment Best Practices [version 1.1] https://www.ssllabs.com/projects/best-practices/index.html 4 comments netsec
Linking pages
- rwasa | 2 Ton Digital https://2ton.com.au/rwasa/ 99 comments
- Hoping to avert “collision” with disaster, Microsoft retires SHA1 | Ars Technica http://arstechnica.com/security/2013/11/hoping-to-avert-collision-with-disaster-microsoft-retires-sha1/ 84 comments
- Crack in Internet’s foundation of trust allows HTTPS session hijacking | Ars Technica http://arstechnica.com/security/2012/09/crime-hijacks-https-sessions/ 78 comments
- Why we don’t use a CDN: A story about SPDY and SSL – — The Theme Foundry – WordPress themes for publishers https://thethemefoundry.com/blog/why-we-dont-use-a-cdn-spdy-ssl/ 72 comments
- GitHub - jrothrock/server_notes: Building a Server on Digital Ocean With Ubuntu and Nginx https://github.com/jrothrock/server_notes 39 comments
- Fingerprinting Firefox users with cached intermediate CA certificates (#fiprinca) - shift or die https://shiftordie.de/blog/2017/02/21/fingerprinting-firefox-users-with-cached-intermediate-ca-certificates-fiprinca/ 33 comments
- Self-hosting a static site with OpenBSD, httpd, and relayd - citizen428.net https://citizen428.net/blog/self-hosting-static-site-openbsd-httpd-relayd/ 31 comments
- Mozilla Launches Free Website Security Testing Service http://news.softpedia.com/news/mozilla-launches-free-website-security-testing-service-507648.shtml 14 comments
- GitHub - paragonie/awesome-appsec: A curated list of resources for learning about application security https://github.com/paragonie/awesome-appsec#resubmit 13 comments
- Cipher Security: How to harden TLS and SSH | Linux Journal https://www.linuxjournal.com/content/cipher-security-how-harden-tls-and-ssh 8 comments
- 60+ Wordpress Security Scanners To Find Vulnerabilities [2022] https://secure.wphackedhelp.com/blog/wordpress-vulnerability-security-scanner/ 8 comments
- Nginx and Let’s Encrypt with Docker in Less Than 5 Minutes | by Philipp | Medium https://medium.com/@pentacent/nginx-and-lets-encrypt-with-docker-in-less-than-5-minutes-b4b8a60d3a71 7 comments
- Planet 5 http://planet5.cat-v.org/ 6 comments
- CryptoLyzer: A comprehensive cryptographic settings analyzer - Szilárd Pfeiffer https://pfeifferszilard.hu/2021/12/27/cryptolyzer-a-comprehensive-cryptographic-settings-analyzer.html 2 comments
- Why You Need HTTPS for Your Website, Today | by PINT, Inc. | Medium https://medium.com/@Merrily/why-you-need-https-for-your-website-today-d9582c75d58c#.3q4jl9mcy 2 comments
- Even after the latest Google update, these top brands could be putting you at risk! | by Jon Tavarez | Medium https://medium.com/@jon_tavarez/even-after-the-latest-google-update-these-top-brands-could-be-putting-you-at-risk-f03cf02f452 2 comments
- What do Lighthouse Scores look like across the web? | Tune The Web https://www.tunetheweb.com/blog/what-do-lighthouse-scores-look-like-across-the-web/ 1 comment
- The Sorry State Of SSL https://hynek.me/talks/tls/ 1 comment
- CryptoLyzer: A comprehensive cryptographic settings analyzer - DEV Community 👩💻👨💻 https://dev.to/coroner/cryptolyzer-a-comprehensive-cryptographic-settings-analyzer-4l0c 0 comments
- Setup Let's Encrypt with NGINX · redlua http://redlua.com/post/setup-lets-encrypt-with-nginx/ 0 comments