30sec to integrate Content Security Policy in your apps with Sqreen

Content Security Policy (CSP) is an HTTP header that instructs the browser to limit the loading of external assets, such as scripts, styles or media, to specific sources. It prevents wide categories of attacks, such as cross-site scripting (XSS), click-jacking and other code injection. Enabling Content Security Policy in your app is straightforward with Sqreen.

My Let’s Encrypt mistake

SSLping was born as a side project. It’s useful to people, which is cool, but today it was also helpful to me! I use it to monitor my HTTPS websites. This morning, my own SSLping project sent me an email about how my website https://hire.chris-hartwig.com is about to expire (in 10 days): it’s using Let’s Encrypt, and it’s been 80 days since I installed the cert.


What after I install Let’s encrypt?

TL;DR: you’re never done with Let’s Encrypt: once your servers are secure, you must ensure they stay that way. Let’s Encrypt is a no-brainer: this initiative benefits us all, with free domain-validated certificates. It’s easy to set up and free. There’s probably automatic installation for your web server of choice, the community behind it can help, and tutorials are everywhere. Then you head to https://.com and you’re done… not.


Set Up a Service Status Page for Free with Cachet

The best way for organizations to handle these kinds of situations is with complete transparency. This can easily be achieved by setting up a status page that reflects your service's operational status. You can set up this status page to display uptime metric graphs, any recent incidents, what is being done to resolve them, and an incident history.