In the second part of this series, we showed you how to harden your web server software. In this part, we introduce TLS cipher suites, talk about OCSP and show you additional security-related HTTP response headers.
Web server security – Part 2: Harden the web server
In the first part of this series, we showed you how to harden your server by configuring your firewall and SSH. In this part, we show you how to secure your web server software.
What is 'secure'?
Secure crypto, secure passwords, secure messaging, secure e-mail, secure browsing—we see ‘secure something’ everywhere, but no one defines this term. On closer inspection, ‘secure’ even becomes a catchword most of the time. We discuss these examples in this article.
Limits of end-to-end encryption
Skype, WhatsApp, Telegram, Signal, Protonmail—more and more services offer end-to-end encryption. While this is good for privacy, it is not a magic bullet. In this article, we show you some limits of E2EE.
Web server security – Part 1: Basic hardening
A web server is just another computer and requires basic security configuration. In the first part, we show you how to secure your SSH access and configure your firewall. You can use this configuration for any type of server.