{"id":27611,"date":"2017-05-23T21:35:01","date_gmt":"2017-05-23T19:35:01","guid":{"rendered":"https:\/\/mamchenkov.net\/wordpress\/?p=27611"},"modified":"2017-05-23T21:35:46","modified_gmt":"2017-05-23T19:35:46","slug":"using-the-strict-transport-security-header","status":"publish","type":"post","link":"https:\/\/mamchenkov.net\/wordpress\/2017\/05\/23\/using-the-strict-transport-security-header\/","title":{"rendered":"Using the Strict-Transport-Security header"},"content":{"rendered":"<p><a href=\"https:\/\/jvns.ca\">Julia Evans<\/a> has an excellent write-up on &#8220;<a href=\"https:\/\/jvns.ca\/blog\/2017\/04\/30\/using-strict-transport-security\/\">Using the Strict-Transport-Security header<\/a>&#8221; &#8211; what it is, why you&#8217;d want to use it, and what are some of the consequences of using one.<\/p>\n<p>As always with her blog posts, this one is very focused on one particular subject, easy to read, and explains things simply, so that the reader&#8217;s technical level is always irrelevant (OK, OK, you do need a basic understanding of how HTTP works, but not more than that).<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Julia Evans has an excellent write-up on &#8220;Using the Strict-Transport-Security header&#8221; &#8211; what it is, why you&#8217;d want to use it, and what are some of the consequences of using one. 
As always with her blog posts, this one is very focused on one particular subject, easy to read, and explains things simply, so that &hellip; <a href=\"https:\/\/mamchenkov.net\/wordpress\/2017\/05\/23\/using-the-strict-transport-security-header\/\" class=\"more-link\">Continue reading <span class=\"screen-reader-text\">Using the Strict-Transport-Security header<\/span><\/a><\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"Using the Strict-Transport-Security header #HTTP #SSL #security #WebDev #SysAdmin","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":true,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2},"_links_to":"","_links_to_target":""},"categories":[1,6,133,62,1334],"tags":[3225,3487,200,3413,1330,2289],"keyring_services":[],"class_list":["post-27611","post","type-post","status-publish","format-standard","hentry","category-general","category-linux","category-sysadmin","category-technology","category-web-work","tag-http","tag-julia-evans","tag-security","tag-ssl","tag-web-development","tag-web-hosting"],"aioseo_notices":[],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"","jetpack-related-posts":[{"id":27287,"url":"https:\/\/mamchenkov.net\/wordpress\/2017\/02\/01\/dissecting-an-ssl-certificate\/","url_meta":{"origin":27611,"position":0},"title":"Dissecting an SSL certificate","author":"Leonid Mamchenkov","date":"February 1, 2017","format":false,"excerpt":"Julia Evans does it again. 
\u00a0If you ever wanted to understand SSL certificates, her post \"Dissecting an SSL certificate\" is for you. \u00a0 This part made me smile: Picking the right settings for your SSL certificates and SSL configuration on your webserver is confusing. As far as I understand it\u2026","rel":"","context":"In &quot;All&quot;","block_context":{"text":"All","link":"https:\/\/mamchenkov.net\/wordpress\/category\/general\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":27002,"url":"https:\/\/mamchenkov.net\/wordpress\/2016\/11\/29\/julias-drawings-on-programming\/","url_meta":{"origin":27611,"position":1},"title":"Julia&#8217;s Drawings on Programming","author":"Leonid Mamchenkov","date":"November 29, 2016","format":false,"excerpt":"Julia Evans, who blogs about her programming endeavors, now also draws simple, note-like sketches on a variety of the computer and programming related subjects. \u00a0Those are great as kick memory refreshers or reminders for \"I wanted to learn more about that\" kind of things. \u00a0Here's her take on pipes, for\u2026","rel":"","context":"In &quot;All&quot;","block_context":{"text":"All","link":"https:\/\/mamchenkov.net\/wordpress\/category\/general\/"},"img":{"alt_text":"pipes","src":"https:\/\/i0.wp.com\/mamchenkov.net\/wordpress\/wp-content\/uploads\/2016\/11\/pipes-500x393.png?resize=350%2C200&ssl=1","width":350,"height":200},"classes":[]},{"id":27268,"url":"https:\/\/mamchenkov.net\/wordpress\/2017\/01\/26\/choosing-the-best-software\/","url_meta":{"origin":27611,"position":2},"title":"Choosing the &#8220;best software&#8221;","author":"Leonid Mamchenkov","date":"January 26, 2017","format":false,"excerpt":"Julia Evans has a nice blog post about choosing the \"best software\". \u00a0Here is my favorite part: So, let\u2019s talk about another way to think about making decisions than \u201cwhat is the Best Thing in this situation\u201d. I run an event series called \u201clightning talks and pie\u201d. 
At the most\u2026","rel":"","context":"In &quot;All&quot;","block_context":{"text":"All","link":"https:\/\/mamchenkov.net\/wordpress\/category\/general\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":29223,"url":"https:\/\/mamchenkov.net\/wordpress\/2019\/01\/15\/cloud-diagrams-notes\/","url_meta":{"origin":27611,"position":3},"title":"Cloud Diagrams &#038; Notes","author":"Leonid Mamchenkov","date":"January 15, 2019","format":false,"excerpt":"Jerry Hargrove - Cloud Diagrams & Notes is an excellent resource for (mostly Amazon AWS) cloud diagrams and notes. I'm sure I've seen some of these around, but never thought to visit the original site. To some degree, these are similar to the Julia Evans' drawings, but are more subject\u2026","rel":"","context":"In &quot;All&quot;","block_context":{"text":"All","link":"https:\/\/mamchenkov.net\/wordpress\/category\/general\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/mamchenkov.net\/wordpress\/wp-content\/uploads\/2019\/01\/Amazon-Lightsail.png?resize=350%2C200&ssl=1","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/mamchenkov.net\/wordpress\/wp-content\/uploads\/2019\/01\/Amazon-Lightsail.png?resize=350%2C200&ssl=1 1x, https:\/\/i0.wp.com\/mamchenkov.net\/wordpress\/wp-content\/uploads\/2019\/01\/Amazon-Lightsail.png?resize=525%2C300&ssl=1 1.5x, https:\/\/i0.wp.com\/mamchenkov.net\/wordpress\/wp-content\/uploads\/2019\/01\/Amazon-Lightsail.png?resize=700%2C400&ssl=1 2x, https:\/\/i0.wp.com\/mamchenkov.net\/wordpress\/wp-content\/uploads\/2019\/01\/Amazon-Lightsail.png?resize=1050%2C600&ssl=1 3x, https:\/\/i0.wp.com\/mamchenkov.net\/wordpress\/wp-content\/uploads\/2019\/01\/Amazon-Lightsail.png?resize=1400%2C800&ssl=1 4x"},"classes":[]},{"id":26272,"url":"https:\/\/mamchenkov.net\/wordpress\/2016\/07\/24\/httpoxy-a-cgi-application-vulnerability-for-php-go-python-and-others\/","url_meta":{"origin":27611,"position":4},"title":"httpoxy &#8211; a CGI application vulnerability for PHP, 
Go, Python and others","author":"Leonid Mamchenkov","date":"July 24, 2016","format":false,"excerpt":"httpoxy is a set of vulnerabilities that affect application code running in CGI, or CGI-like environments. It comes down to a simple namespace conflict: RFC 3875 (CGI) puts the HTTP Proxy header from a request into the environment variables as HTTP_PROXY HTTP_PROXY is a popular environment variable used to configure\u2026","rel":"","context":"In &quot;All&quot;","block_context":{"text":"All","link":"https:\/\/mamchenkov.net\/wordpress\/category\/general\/"},"img":{"alt_text":"httpoxy","src":"https:\/\/i0.wp.com\/mamchenkov.net\/wordpress\/wp-content\/uploads\/2016\/07\/httpoxy-500x130.png?resize=350%2C200&ssl=1","width":350,"height":200},"classes":[]},{"id":27844,"url":"https:\/\/mamchenkov.net\/wordpress\/2017\/08\/14\/secure-headers-a-php-library-for-easier-management-of-browser-security-features\/","url_meta":{"origin":27611,"position":5},"title":"Secure Headers &#8211; a PHP library for easier management of browser security features","author":"Leonid Mamchenkov","date":"August 14, 2017","format":false,"excerpt":"Modern browsers offer a variety of security mechanisms for web developers. \u00a0Unfortunately, some of these aren't so easy to manage. \u00a0One needs a deep understanding of the functionality as well as theory behind. \u00a0Secure Headers is a library that makes all that work a lot easier for PHP developers. 
\u00a0Here\u2026","rel":"","context":"In &quot;All&quot;","block_context":{"text":"All","link":"https:\/\/mamchenkov.net\/wordpress\/category\/general\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]}],"jetpack_sharing_enabled":true,"amp_enabled":true,"_links":{"self":[{"href":"https:\/\/mamchenkov.net\/wordpress\/wp-json\/wp\/v2\/posts\/27611","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/mamchenkov.net\/wordpress\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/mamchenkov.net\/wordpress\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/mamchenkov.net\/wordpress\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/mamchenkov.net\/wordpress\/wp-json\/wp\/v2\/comments?post=27611"}],"version-history":[{"count":0,"href":"https:\/\/mamchenkov.net\/wordpress\/wp-json\/wp\/v2\/posts\/27611\/revisions"}],"wp:attachment":[{"href":"https:\/\/mamchenkov.net\/wordpress\/wp-json\/wp\/v2\/media?parent=27611"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/mamchenkov.net\/wordpress\/wp-json\/wp\/v2\/categories?post=27611"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/mamchenkov.net\/wordpress\/wp-json\/wp\/v2\/tags?post=27611"},{"taxonomy":"keyring_services","embeddable":true,"href":"https:\/\/mamchenkov.net\/wordpress\/wp-json\/wp\/v2\/keyring_services?post=27611"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}