How the web changes with HTTP/2: Performance and Security

Changes to the web: HTTP/2 Performance and Security On invitation by the Dutch consultancy firm Snow, I attended their Snow Unix Event (SUE). It was the third time in a row, with again an impressive lineup of speakers. As I worked previously for the company, I expected no less than that. The theme was about knowledge sharing. That sounds like an invitation to also share some of the biggest insights I learned. Let’s start with the HTTP/2 insights by Daniel […]

Read more

Configure HSTS (HTTP Strict Transport Security) for Apache/Nginx

Configure HSTS (HTTP Strict Transport Security) for Apache/Nginx HTTP Strict Transport Security, or HSTS is a security capability to force web clients use HTTPS. The idea behind HSTS is that clients which always should communicate safely, to directly use HTTPS instead of HTTP. Benefits The clear benefit of “forcing” a client to use HTTPS directly, is decreasing the risk of sharing any sensitive information via a protocol which can be snooped upon. Additionally it improves the performance by eliminating one […]

Read more