Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
HTTPS and You
Search
Tim Nash
January 01, 2017
Programming
0
980
HTTPS and You
Brief Lightning talk on TLS
Tim Nash
January 01, 2017
Tweet
Share
More Decks by Tim Nash
See All by Tim Nash
Testing Fortifications - WordCamp Brighton
timnashcouk
0
430
Come to the dark side, they have cookies
timnashcouk
0
1k
Come to the dark side
timnashcouk
0
58
Practical WordPress Security 2018
timnashcouk
0
290
Practical WordPress Security
timnashcouk
0
1.6k
Baking Security into your workflow - Early
timnashcouk
0
970
Security is Everyone responsibility
timnashcouk
0
1k
Other Decks in Programming
See All in Programming
Prepare for Jakarta EE 11 - Performance and Developer Productivity
ivargrimstad
0
240
ONE WEDGE_company_guide
1wedge_one
0
250
"config" ってなんだ? / What is "config"?
okashoi
0
110
受託開発でGitLab CI を活用していく
xiombatsg
1
260
Blue/Greenデプロイの導入による 運用フローの改善
kudoas
1
320
コーンフレークから始める モデリング会話入門
ogurotakayuki
0
220
脱・初心者!脱・マネコン!AWS CDKを使ってみませんか!?
har1101
0
300
イベントストーミングによるオブジェクトモデリング・オブジェクト指向プログラミングの適用・開発プロセスの変遷・アーキテクチャの変革 / Object modeling with Event Storming.
nrslib
13
4.8k
どうしてこうなった命名集 ~🔥編~ / OOC 2024 LT
pictiny
5
3.9k
エンターテイメント業界で利用されるAWS
demuyan
0
190
From Spring Boot 2 to Spring Boot 3 with Java 21 and Jakarta EE
ivargrimstad
0
960
WinUI 3デモ - "CommunityToolkit.Mvvm"NuGetパッケージ編
andrewkeepcoding
0
190
Featured
See All Featured
Web development in the modern age
philhawksworth
201
10k
Building Applications with DynamoDB
mza
88
5.6k
A Tale of Four Properties
chriscoyier
150
22k
4 Signs Your Business is Dying
shpigford
175
21k
Producing Creativity
orderedlist
PRO
336
39k
ParisWeb 2013: Learning to Love: Crash Course in Emotional UX Design
dotmariusz
103
6.6k
Art, The Web, and Tiny UX
lynnandtonic
288
19k
How STYLIGHT went responsive
nonsquared
92
4.8k
Easily Structure & Communicate Ideas using Wireframe
afnizarnur
185
16k
GraphQLとの向き合い方2022年版
quramy
29
12k
Cheating the UX When There Is Nothing More to Optimize - PixelPioneers
stephaniewalter
272
12k
Dealing with People You Can't Stand - Big Design 2015
cassininazir
355
22k
Transcript
HTTPS:// and you… Tim Nash [UK] https://timnash.co.uk
Tim Nash - WordPress Platform Lead & Developer Advocate at
HTTPS
HTTPS (HTTP over SSL)
SSL (Secure Socket Layer)
It’s all a LIE!!!!!
HTTP over TLS1.2
HTTPS (HTTP (secure)Encrypted)
None
Browser Server Request Packet Response Packet
Browser Server Request Packet Response Packet Client ‘Hello’ Server ‘Hello’
Cryptographic information Server Certificate Client Key Exchange Send’s Key info signed with servers key Sends Client Certificate Client ‘finished’ Server ‘finished’
None
Pitfalls
Force everything…
search replace http:// https://
Better still 301 all HTTP requests as well
Mixed Content
None
If it loads over HTTP it needs to load over
HTTPS
Third Party Scripts: Google Analytics, Forms
DEVELOPERS! Don’t hard code URLs
Certificate issues aka Red Screen of death
https://www.ssllabs.com/ssltest/
HTTP/2
Browser Server Requests Packets Response Packets Client ‘Hello’ Server ‘Hello’
Client Key Exchange Client ‘finished’ Server ‘finished’
Tim Nash timnash.co.uk @tnash 34SP.com
[email protected]
timnashcouk
ivargrimstad
1wedge_one
okashoi
xiombatsg
kudoas
ogurotakayuki
har1101
nrslib
pictiny
demuyan
andrewkeepcoding
philhawksworth
mza
chriscoyier
shpigford
orderedlist
dotmariusz
lynnandtonic
nonsquared
afnizarnur
quramy
stephaniewalter
cassininazir
![HTTPS:// and you… Tim Nash [UK] https://timnash.co.uk](https://files.speakerdeck.com/presentations/039cffdb9c3f4c2584125c7bec5fa019/slide_0.jpg){kind=link}
![Tim Nash timnash.co.uk @tnash 34SP.com [email protected]](https://files.speakerdeck.com/presentations/039cffdb9c3f4c2584125c7bec5fa019/slide_25.jpg){kind=link}