18 September 2014
by Deimos
0 comments

Nginx: enable HSTS (force SSL for users)

I recently heard of HSTS which is a way to force users to come back to your website in SSL if they’ve already be to HTTPS once. It is simple, just add this line:

If you want to have … Continue reading

8 April 2014
by Deimos
6 Comments

OpenSSL: diagnose and correct the heartbleed issue

A big and major issue on OpenSSL has been discovered and everybody is talking about it. To get more informations, there’s a website. How to check the vulnerability, download this file:

Now launch it:

I was vulnerable as … Continue reading