Search the Community

Showing results for tags 'encryption.chat'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type



Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


About Me

Found 1 result

  1. A website with security-aware topics should really be a good example. In your case it is only good, but does not use security features, which it should use or which it might use as a site about encryption. So the SSL config is okay, but there are a few things to mention: You're missing the HSTS header. When you add it you'll get an A+ on SSLLabs. You're sending the root cert, which is unnecessary. You're not sending an intermediate certificate, which is neccessary. Currently this can cause connection failures. OCSP stapling would be a nice thing to add. Additionally you should really add some security headers and please consider using HPKP and CSP.