#hsts — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #hsts, aggregated by home.social.
-
Enabled HSTS with includeSubDomains and preload.
The cost is real and one-way: every current and future subdomain must serve HTTPS or become unreachable. Removal from the preload list is in browser-release hands, not yours.
Accepted because the site is HTTPS-only by intent and Caddy provisions certs for every subdomain automatically via Let's Encrypt.
-
💡Think along and respond to the consultation on the amended “Besluit beveiligde verbinding met overheidswebsites en -webapplicaties” (Decree on secure connections with government websites and web applications): https://www.internetconsultatie.nl/verzamelbesluitdigitaleoverheid
📜The revised decree, based on the Wet digitale overheid (Digital Government Act), refers to new versions of the TLS and web application guidelines from @ncsc_nl. Respond before 6 Jan 2026.
More info about the current decree: https://www.digitaleoverheid.nl/overzicht-van-alle-onderwerpen/wetgeving/wet-digitale-overheid/veelgestelde-vragen-verplichting-https-en-hsts-voor-overheidswebsites/
#beveiliging #websites #openstandaarden #HTTPS #HSTS -
@gelatin @wyatt Maybe I'm missing something. If an attacker on a coffee shop WLAN sniffs your session cookie for a forum, they can proceed to ruin your life by posting illegal material under your name. There used to be a browser extension called "Firesheep" that would snoop others' cookies for Facebook until Facebook went all HTTPS all the time.
-
#help #hacked #sos #persistentlyHacked #disablementCampaign #conspiracyToOppress #illegalSurveillance #middleManAttack #peerTube #HSTS
MIDDLE MAN SNIFFING, and can't load instances.joinpeertube.org and sepiasearch.org without. KEEP getting WARNING "Your connection is not private" ERR_CERT_AUTHORITY_INVALID
You cannot visit right now because the website uses HSTS. Network errors and attacks are usually temporary, so this page will probably work later. -
tesla.com, spacex.com, and boringcompany.com are all not on the HSTS preload list.
it would be a total shame if someone in a privileged network position used this to start inserting content letting people know that the CEO of these companies is a fucking Nazi.
#hstspreloadlist #hsts #tesla #TeslaProtests #ElonMusk #doge
-
Aha, so that's because of #HSTS and includeSubDomains.
https://www.rfc-editor.org/rfc/rfc6797#section-6.1.2
It's nice when you find out why some piece of IT magic behaves the way it behaves.
-
step 0: Have a domain with a "real" cert and a subdomain with a self-signed cert
step 1: accept self-signed cert in firefox on subdomain
step 2: activate HSTS on main domain
step 3: wonder why self-signed cert no longer accepted on subdomain :S -
Can anyone offer a guess as to why I'm getting an HSTS error only on one computer?
I've run all Windows updates and a full virus/malware scan, and still can't load hippyjo.com or idwerkz.com on my desktop machine, in any browser.
They load fine on my laptop and phone though.
I've cleared cache, DNS, for windows and Chrome, and Firefox.
SSL certificate is valid, though I am not certain my hosting service has configured everything else properly. But they seem to load fine on every device other than my desktop.
I've exhausted my brain - can't figure out why the problem is only on this machine.
Please and thank you in advance for any ideas of what might be going on.
#html #hsts #troubleshoot #weirdError -
Made my personal website get the maximum amount of points of Mozilla's HTTP Observatory. Now, my static site delivers content as securely as it possibly can. I highly recommend anyone with a personal website to tweak it along with their webserver so that it gets at least a hundred points on HTTP Observatory.
https://developer.mozilla.org/en-US/observatory
The least you can do is add your site to the HSTS Preload list (https://hstspreload.org/).
#blog #personalwebsite #mozilla #mdn #http #caddyserver #hsts #webdev
-
It’s 2024 and certificate renewal is still an issue. (Love that they’ve enabled HSTS though.)
-
@[email protected] @[email protected] @[email protected] @[email protected] @[email protected] @[email protected] no every orgasm i have is a political statement
#honbeast #gorillamodding #blanchard #tttt #hsts #dahmer #trans2incel -
Took a shit the size of my forearm
#hsts #blanchard #t #malebrained #mtf #amab -
About to sign a contract with The Devil #hsts #webhosting #security
-
Here's a good explanation on what HSTS is and why it's important. https://www.maxivanov.io/http-strict-transport-security/ (there's a lot of bad explanations on the net)
I noticed the coolify.io website doesn't have these HSTS headers
-
Apparently Mozilla fixed the unreliability of #HSTS 5 months ago. My bug report was resolved as a result. That's great news!
As far as I know, the HSTS table can now hold up to 2048 entries. Only 0.1% of Firefox users use more than that.
Also, the implementation of nsIDataStorage seems to allow additional temporary data, so even more values could be stored. However, I didn't really understand how this works.
-
secure your #wordpress site with #http #headers content-security policy #csp cross origin embedder policy #coep cross origin opener policy #coop cross origin resource policy #corp referrer policy http strict transport security #hsts permission policy and others: https://jornfranke.codeberg.page/technology-tutorials/wordpress-csp/
-
Update: it appears to be fixed now. #authentik #ssl #netlify #hsts
-
Trying to read about Authentik, but the website certificate on goauthentik.io has the wrong host, and HSTS means you can't access it with an invalid certificate.
Try to report it to the team and can only find a "join our Discord" link, except it's not an invite link, it's a link to the website which (if it was working) might redirect me there.
I guess I don't get to learn about Authentik today. #authentik #ssl #netlify #hsts -
The #HSTS pre-load list is about 14MB and contains roughly 130k entries.
Of which…
🏢 4,507 are .gov domains
🇬🇧 2,676 .uk
🇫🇷 1,725 .fr
ℹ 713 .info
🗺 418 IDNs (xn--)
💑 187 have "porn" in the domain
🏳️‍🌈 25 .gay
It contains plenty of rude words, not many obvious slurs, and I wonder what surprises are hidden in there?
-
https://internet.nl/site/www.server4you.de/2351583/
#noipv6 add #ipv6
#noDNSSEC add #DNSSEC
#noHSTS add #HSTS
Need better key exchange parameter
Learn https://internet.nl -
My #Wochenrückblick (weekly review), issue 5 (2023-35). This time with #Things and #Obisidian, #iOS Accessibility Shortcuts, #Axt (axe) versus chopping block, #Amazon #SES and #msmtp, @mailbox_org, #HSTS, #Shimano, of course the #Knoten (knot) of the week, and #Techno.
https://www.marcusjaschen.de/blog/2023/2023-35/