Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
HTTPS and You
Search
Tim Nash
January 01, 2017
Programming
0
1k
HTTPS and You
Brief Lightning talk on TLS
Tim Nash
January 01, 2017
Tweet
Share
More Decks by Tim Nash
See All by Tim Nash
Testing Fortifications - WordCamp Brighton
timnashcouk
0
450
Come to the dark side, they have cookies
timnashcouk
0
1.2k
Come to the dark side
timnashcouk
0
62
Practical WordPress Security 2018
timnashcouk
0
340
Practical WordPress Security
timnashcouk
0
1.6k
Baking Security into your workflow - Early
timnashcouk
0
980
Security is Everyone responsibility
timnashcouk
0
1.1k
Other Decks in Programming
See All in Programming
「Chatwork」Android版アプリを 支える単体テストの現在
okuzawats
0
180
今年一番支援させていただいたのは認証系サービスでした
satoshi256kbyte
1
250
プロダクトの品質に コミットする / Commit to Product Quality
pekepek
2
770
menu基盤チームによるGoogle Cloudの活用事例~Application Integration, Cloud Tasks編~
yoshifumi_ishikura
0
110
Haze - Real time background blurring
chrisbanes
1
510
create_tableをしただけなのに〜囚われのuuid編〜
daisukeshinoku
0
240
rails statsで大解剖 🔍 “B/43流” のRailsの育て方を歴史とともに振り返ります
shoheimitani
2
930
Semantic Kernelのネイティブプラグインで知識拡張をしてみる
tomokusaba
0
180
Go の GC の不得意な 部分を克服したい
taiyow
2
770
42 best practices for Symfony, a decade later
tucksaun
1
180
これが俺の”自分戦略” プロセスを楽しんでいこう! - Developers CAREER Boost 2024
niftycorp
PRO
0
190
Effective Signals in Angular 19+: Rules and Helpers @ngbe2024
manfredsteyer
PRO
0
130
Featured
See All Featured
Dealing with People You Can't Stand - Big Design 2015
cassininazir
365
25k
Easily Structure & Communicate Ideas using Wireframe
afnizarnur
191
16k
Intergalactic Javascript Robots from Outer Space
tanoku
270
27k
We Have a Design System, Now What?
morganepeng
51
7.3k
Sharpening the Axe: The Primacy of Toolmaking
bcantrill
38
1.9k
Adopting Sorbet at Scale
ufuk
73
9.1k
The Power of CSS Pseudo Elements
geoffreycrofte
73
5.4k
Designing on Purpose - Digital PM Summit 2013
jponch
116
7k
How to Create Impact in a Changing Tech Landscape [PerfNow 2023]
tammyeverts
48
2.2k
StorybookのUI Testing Handbookを読んだ
zakiyama
27
5.3k
Being A Developer After 40
akosma
87
590k
Measuring & Analyzing Core Web Vitals
bluesmoon
4
170
Transcript
HTTPS:// and you… Tim Nash [UK] https://timnash.co.uk
Tim Nash - WordPress Platform Lead & Developer Advocate at
HTTPS
HTTPS (HTTP over SSL)
SSL (Secure Socket Layer)
It’s all a LIE!!!!!
HTTP over TLS1.2
HTTPS (HTTP (secure)Encrypted)
None
Browser Server Request Packet Response Packet
Browser Server Request Packet Response Packet Client ‘Hello’ Server ‘Hello’
Cryptographic information Server Certificate Client Key Exchange Send’s Key info signed with servers key Sends Client Certificate Client ‘finished’ Server ‘finished’
None
Pitfalls
Force everything…
search replace http:// https://
Better still 301 all HTTP requests as well
Mixed Content
None
If it loads over HTTP it needs to load over
HTTPS
Third Party Scripts: Google Analytics, Forms
DEVELOPERS! Don’t hard code URLs
Certificate issues aka Red Screen of death
https://www.ssllabs.com/ssltest/
HTTP/2
Browser Server Requests Packets Response Packets Client ‘Hello’ Server ‘Hello’
Client Key Exchange Client ‘finished’ Server ‘finished’
Tim Nash timnash.co.uk @tnash 34SP.com
[email protected]
timnashcouk
okuzawats
satoshi256kbyte
pekepek
yoshifumi_ishikura
chrisbanes
daisukeshinoku
shoheimitani
tomokusaba
taiyow
tucksaun
niftycorp
manfredsteyer
cassininazir
afnizarnur
tanoku
morganepeng
bcantrill
ufuk
geoffreycrofte
jponch
tammyeverts
zakiyama
akosma
bluesmoon
![HTTPS:// and you… Tim Nash [UK] https://timnash.co.uk](https://files.speakerdeck.com/presentations/039cffdb9c3f4c2584125c7bec5fa019/slide_0.jpg){kind=link}
![Tim Nash timnash.co.uk @tnash 34SP.com [email protected]](https://files.speakerdeck.com/presentations/039cffdb9c3f4c2584125c7bec5fa019/slide_25.jpg){kind=link}