Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
HTTPS and You
Search
Tim Nash
January 01, 2017
Programming
1k
0
Share
HTTPS and You
Brief Lightning talk on TLS
Tim Nash
January 01, 2017
More Decks by Tim Nash
See All by Tim Nash
Testing Fortifications - WordCamp Brighton
timnashcouk
0
470
Come to the dark side, they have cookies
timnashcouk
0
1.4k
Come to the dark side
timnashcouk
0
71
Practical WordPress Security 2018
timnashcouk
0
420
Practical WordPress Security
timnashcouk
0
1.7k
Baking Security into your workflow - Early
timnashcouk
0
990
Security is Everyone responsibility
timnashcouk
0
1.1k
Other Decks in Programming
See All in Programming
VueエンジニアがReactを触って感じた_設計の違い
koukimiura
0
180
Surviving Black Friday: 329 billion requests with Falcon!
ioquatix
0
730
Oxlintとeslint-plugin-react-hooks 明日から始められそう?
t6adev
0
280
Vibe NLP for Applied NLP
inesmontani
PRO
0
450
[RubyKaigi 2026] Require Hooks
palkan
1
220
AIエージェントで業務改善してみた
taku271
0
540
Claude CodeでETLジョブ実行テストを自動化してみた
yoshikikasama
0
580
アクセシビリティ試験の"その後"を仕組み化する
yuuumiravy
1
170
How We Benchmarked Quarkus: Patterns and anti-patterns
hollycummins
1
150
レガシーPHP転生 〜父がドメインエキスパートだったのでDDD+Claude Codeでチート開発します〜
panda_program
0
1k
(Re)make Regexp in Ruby: Democratizing internals for the JIT
makenowjust
2
550
TiDBのアーキテクチャから学ぶ分散システム入門 〜MySQL互換のNewSQLは何を解決するのか〜 / tidb-architecture-study
dznbk
1
180
Featured
See All Featured
Joys of Absence: A Defence of Solitary Play
codingconduct
1
350
brightonSEO & MeasureFest 2025 - Christian Goodrich - Winning strategies for Black Friday CRO & PPC
cargoodrich
3
680
How to train your dragon (web standard)
notwaldorf
97
6.6k
How People are Using Generative and Agentic AI to Supercharge Their Products, Projects, Services and Value Streams Today
helenjbeal
1
170
Ten Tips & Tricks for a 🌱 transition
stuffmc
0
99
Templates, Plugins, & Blocks: Oh My! Creating the theme that thinks of everything
marktimemedia
31
2.8k
Navigating the Design Leadership Dip - Product Design Week Design Leaders+ Conference 2024
apolaine
0
270
Thoughts on Productivity
jonyablonski
76
5.1k
Designing Powerful Visuals for Engaging Learning
tmiket
1
350
Building the Perfect Custom Keyboard
takai
2
730
Ruling the World: When Life Gets Gamed
codingconduct
0
210
The Cult of Friendly URLs
andyhume
79
6.8k
Transcript
HTTPS:// and you… Tim Nash [UK] https://timnash.co.uk
Tim Nash - WordPress Platform Lead & Developer Advocate at
HTTPS
HTTPS (HTTP over SSL)
SSL (Secure Socket Layer)
It’s all a LIE!!!!!
HTTP over TLS1.2
HTTPS (HTTP (secure)Encrypted)
None
Browser Server Request Packet Response Packet
Browser Server Request Packet Response Packet Client ‘Hello’ Server ‘Hello’
Cryptographic information Server Certificate Client Key Exchange Send’s Key info signed with servers key Sends Client Certificate Client ‘finished’ Server ‘finished’
None
Pitfalls
Force everything…
search replace http:// https://
Better still 301 all HTTP requests as well
Mixed Content
None
If it loads over HTTP it needs to load over
HTTPS
Third Party Scripts: Google Analytics, Forms
DEVELOPERS! Don’t hard code URLs
Certificate issues aka Red Screen of death
https://www.ssllabs.com/ssltest/
HTTP/2
Browser Server Requests Packets Response Packets Client ‘Hello’ Server ‘Hello’
Client Key Exchange Client ‘finished’ Server ‘finished’
Tim Nash timnash.co.uk @tnash 34SP.com
[email protected]
timnashcouk
koukimiura
ioquatix
t6adev
inesmontani
palkan
taku271
yoshikikasama
yuuumiravy
hollycummins
panda_program
makenowjust
dznbk
codingconduct
.jpg){kind=avatar}
cargoodrich
notwaldorf
.png){kind=avatar}
helenjbeal
stuffmc
marktimemedia
apolaine
jonyablonski
tmiket
takai
andyhume
![HTTPS:// and you… Tim Nash [UK] https://timnash.co.uk](https://files.speakerdeck.com/presentations/039cffdb9c3f4c2584125c7bec5fa019/slide_0.jpg){kind=link}
![Tim Nash timnash.co.uk @tnash 34SP.com [email protected]](https://files.speakerdeck.com/presentations/039cffdb9c3f4c2584125c7bec5fa019/slide_25.jpg){kind=link}