Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
HTTPS and You
Search
Tim Nash
January 01, 2017
Programming
0
1k
HTTPS and You
Brief Lightning talk on TLS
Tim Nash
January 01, 2017
Tweet
Share
More Decks by Tim Nash
See All by Tim Nash
Testing Fortifications - WordCamp Brighton
timnashcouk
0
460
Come to the dark side, they have cookies
timnashcouk
0
1.2k
Come to the dark side
timnashcouk
0
62
Practical WordPress Security 2018
timnashcouk
0
360
Practical WordPress Security
timnashcouk
0
1.6k
Baking Security into your workflow - Early
timnashcouk
0
980
Security is Everyone responsibility
timnashcouk
0
1.1k
Other Decks in Programming
See All in Programming
なぜイベント駆動が必要なのか - CQRS/ESで解く複雑系システムの課題 -
j5ik2o
10
3.7k
2024年のWebフロントエンドのふりかえりと2025年
sakito
3
250
第3回関東Kaggler会_AtCoderはKaggleの役に立つ
chettub
3
1k
ペアーズでの、Langfuseを中心とした評価ドリブンなリリースサイクルのご紹介
fukubaka0825
2
320
パスキーのすべて ── 導入・UX設計・実装の紹介 / 20250213 パスキー開発者の集い
kuralab
3
790
2,500万ユーザーを支えるSREチームの6年間のスクラムのカイゼン
honmarkhunt
6
5.3k
法律の脱レガシーに学ぶフロントエンド刷新
oguemon
5
740
Immutable ActiveRecord
megane42
0
140
動作確認やテストで漏れがちな観点3選
starfish719
6
1k
Amazon Bedrock Multi Agentsを試してきた
tm2
1
290
ファインディLT_ポケモン対戦の定量的分析
fufufukakaka
0
720
責務と認知負荷を整える! 抽象レベルを意識した関心の分離
yahiru
3
540
Featured
See All Featured
Save Time (by Creating Custom Rails Generators)
garrettdimon
PRO
29
1k
How GitHub (no longer) Works
holman
314
140k
Stop Working from a Prison Cell
hatefulcrawdad
267
20k
Being A Developer After 40
akosma
89
590k
Performance Is Good for Brains [We Love Speed 2024]
tammyeverts
7
630
A better future with KSS
kneath
238
17k
Faster Mobile Websites
deanohume
306
31k
StorybookのUI Testing Handbookを読んだ
zakiyama
28
5.5k
Navigating Team Friction
lara
183
15k
The Pragmatic Product Professional
lauravandoore
32
6.4k
No one is an island. Learnings from fostering a developers community.
thoeni
21
3.1k
BBQ
matthewcrist
87
9.5k
Transcript
HTTPS:// and you… Tim Nash [UK] https://timnash.co.uk
Tim Nash - WordPress Platform Lead & Developer Advocate at
HTTPS
HTTPS (HTTP over SSL)
SSL (Secure Socket Layer)
It’s all a LIE!!!!!
HTTP over TLS1.2
HTTPS (HTTP (secure)Encrypted)
None
Browser Server Request Packet Response Packet
Browser Server Request Packet Response Packet Client ‘Hello’ Server ‘Hello’
Cryptographic information Server Certificate Client Key Exchange Send’s Key info signed with servers key Sends Client Certificate Client ‘finished’ Server ‘finished’
None
Pitfalls
Force everything…
search replace http:// https://
Better still 301 all HTTP requests as well
Mixed Content
None
If it loads over HTTP it needs to load over
HTTPS
Third Party Scripts: Google Analytics, Forms
DEVELOPERS! Don’t hard code URLs
Certificate issues aka Red Screen of death
https://www.ssllabs.com/ssltest/
HTTP/2
Browser Server Requests Packets Response Packets Client ‘Hello’ Server ‘Hello’
Client Key Exchange Client ‘finished’ Server ‘finished’
Tim Nash timnash.co.uk @tnash 34SP.com
[email protected]
timnashcouk
j5ik2o
sakito
chettub
fukubaka0825
kuralab
.png){kind=avatar}
honmarkhunt
oguemon
megane42
starfish719
tm2
fufufukakaka
yahiru
garrettdimon
holman
hatefulcrawdad
akosma
tammyeverts
kneath
deanohume
zakiyama
lara
lauravandoore
thoeni
matthewcrist
![HTTPS:// and you… Tim Nash [UK] https://timnash.co.uk](https://files.speakerdeck.com/presentations/039cffdb9c3f4c2584125c7bec5fa019/slide_0.jpg){kind=link}
![Tim Nash timnash.co.uk @tnash 34SP.com [email protected]](https://files.speakerdeck.com/presentations/039cffdb9c3f4c2584125c7bec5fa019/slide_25.jpg){kind=link}