Tag: web security

  • SSL links, videos and other resources.

    SSL links, videos and other resources.

    SSL is a very important subject. All websites/apps should be using it. However the docs will leave you scratching your head saying WTF? So I am creating this long list of resources for anyone else who ever has to learn how to use it. Articles First here is a link to the docs – this […]

  • Forced password changes are not good security policy

    Forced password changes are not good security policy

    To combat this unintelligent BS I am now starting a list of idiots that do this. For so long I have read and heard that a GREAT security feature is to force your users to change passwords every so many days/months. Linux even has a built in feature for this. This is a really stupid […]

  • AWS autoscaling links and resources

    AWS autoscaling lets you set up groups of EC2 instances which are controlled by a load balancer. The load balancer in turn makes sure your app has the correct number of EC2 instances running at all times. If your traffic is high it adds the maximum that you set. If traffic goes down it adjust […]

  • Server and cloud security resources and links

    CSP Cheat Sheet – CSP content security policy is for setting server security policies for accessing your systems content/files etc. Configuring Play Framework Content Security Policy Headers –

  • Web App security resources

    Practical HTTP Host header attacks – Must read to understand how hackers use HTTP headers to hack websites. Link to OWASP cheatsheet  – a good cheat sheet Website security by MDN – covers some very basic information about website security such as SQL injection