Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
HTTPS and You
Search
Tim Nash
January 01, 2017
Programming
1k
0
Share
HTTPS and You
Brief Lightning talk on TLS
Tim Nash
January 01, 2017
More Decks by Tim Nash
See All by Tim Nash
Testing Fortifications - WordCamp Brighton
timnashcouk
0
470
Come to the dark side, they have cookies
timnashcouk
0
1.4k
Come to the dark side
timnashcouk
0
72
Practical WordPress Security 2018
timnashcouk
0
420
Practical WordPress Security
timnashcouk
0
1.7k
Baking Security into your workflow - Early
timnashcouk
0
990
Security is Everyone responsibility
timnashcouk
0
1.1k
Other Decks in Programming
See All in Programming
The Past, Present, and Future of Enterprise Java
ivargrimstad
0
400
Cloudflare で始める Data Platform
ta93abe
0
180
ECR拡張スキャンでSBOMを収集して サプライチェーン攻撃の影響調査を 爆速で終わらせてみた
akihisaikeda
1
120
Import assertionsが消えた日~ECMAScriptの仕様はどう決まり、なぜ覆るのか~
bicstone
2
190
AI時代になぜ書くのか
mutsumix
0
420
なぜあなたのコードには「コシ」がないのか?〜AI時代に問う、最後まで美味しい設計と戦略〜 #phpconkagawa / phpconkagawa2026
shogogg
0
210
エラー処理の温故知新 / history of error handling technic
ryotanakaya
7
1.9k
Augmenting AI with the Power of Jakarta EE
ivargrimstad
0
510
いつか誰かが、と思っていた フロントエンド刷新5年間の実践知
kiichisugihara
1
280
検索設計から 推論設計への重心移動と Recall-First Retrieval
po3rin
5
1.7k
PHPer、Cloudflare に引っ越す
suguruooki
2
220
[BalkanRuby 2026] Drop your app/services!
palkan
3
490
Featured
See All Featured
Mobile First: as difficult as doing things right
swwweet
225
10k
Breaking role norms: Why Content Design is so much more than writing copy - Taylor Woolridge
uxyall
0
290
Gemini Prompt Engineering: Practical Techniques for Tangible AI Outcomes
mfonobong
2
390
Building AI with AI
inesmontani
PRO
1
1k
XXLCSS - How to scale CSS and keep your sanity
sugarenia
250
1.3M
Crafting Experiences
bethany
1
150
Navigating the moral maze — ethical principles for Al-driven product design
skipperchong
2
360
Creating an realtime collaboration tool: Agile Flush - .NET Oxford
marcduiker
35
2.4k
Neural Spatial Audio Processing for Sound Field Analysis and Control
skoyamalab
0
300
A better future with KSS
kneath
240
18k
How to Think Like a Performance Engineer
csswizardry
28
2.6k
The Mindset for Success: Future Career Progression
greggifford
PRO
0
330
Transcript
HTTPS:// and you… Tim Nash [UK] https://timnash.co.uk
Tim Nash - WordPress Platform Lead & Developer Advocate at
HTTPS
HTTPS (HTTP over SSL)
SSL (Secure Socket Layer)
It’s all a LIE!!!!!
HTTP over TLS1.2
HTTPS (HTTP (secure)Encrypted)
None
Browser Server Request Packet Response Packet
Browser Server Request Packet Response Packet Client ‘Hello’ Server ‘Hello’
Cryptographic information Server Certificate Client Key Exchange Send’s Key info signed with servers key Sends Client Certificate Client ‘finished’ Server ‘finished’
None
Pitfalls
Force everything…
search replace http:// https://
Better still 301 all HTTP requests as well
Mixed Content
None
If it loads over HTTP it needs to load over
HTTPS
Third Party Scripts: Google Analytics, Forms
DEVELOPERS! Don’t hard code URLs
Certificate issues aka Red Screen of death
https://www.ssllabs.com/ssltest/
HTTP/2
Browser Server Requests Packets Response Packets Client ‘Hello’ Server ‘Hello’
Client Key Exchange Client ‘finished’ Server ‘finished’
Tim Nash timnash.co.uk @tnash 34SP.com
[email protected]
timnashcouk
ivargrimstad
ta93abe
akihisaikeda
bicstone
mutsumix
shogogg
ryotanakaya
kiichisugihara
po3rin
suguruooki
palkan
swwweet
uxyall
mfonobong
inesmontani
sugarenia
bethany
skipperchong
marcduiker
skoyamalab
kneath
csswizardry
greggifford
![HTTPS:// and you… Tim Nash [UK] https://timnash.co.uk](https://files.speakerdeck.com/presentations/039cffdb9c3f4c2584125c7bec5fa019/slide_0.jpg){kind=link}
![Tim Nash timnash.co.uk @tnash 34SP.com [email protected]](https://files.speakerdeck.com/presentations/039cffdb9c3f4c2584125c7bec5fa019/slide_25.jpg){kind=link}