Web
To improve websites and the underlying webserver configuration, we collect useful tips to enhance your systems. Let’s build a better web together!
Articles for Web
Want to improve caching on your nginx web server? Learn how to set the Expires header and enhance your nginx configuration.
Nginx can be configured to block all HTTP requests of clients that don't offer to do a compressed data transfer, saving bandwidth and energy.
HTTP Strict Transport Security (HSTS) is a security capability to force clients to use HTTPS. In this article, we implement HSTS for Apache and Nginx.
Here are the steps to take on Chrome when a HSTS key pin is set on a website, but incorrect. Go to the net-internals settings to search for the domain.
HPKP is great to pin a certificate to a website, unless it starts blocking access to it. Here is how to solve the issue for an oudated HPKP key pin.
Secure your nginx service by using security features provided by systemd. We have a look at the available options that systemd units can offer.
Security professionals usually don't advise to use security through obscurity. Still, it's wise to hide the nginx version number.
The web changes and so does one of the most important underlying protocols HTTP. Learn about HTTP/2 and what it means for performance and security.
Want to block all HTTP POST requests in nginx? There are multiple ways to achieve this and within this article we look at the best fit.
Nginx is flexible when it comes to what should be logged in the access.log. With the combination of a map and if-statement, this can be achieved very easily!
Want to see all configured virtual hosts on a server running nginx? Here is a method to achieve this quickly by using a default configuration option.
Learn how to secure your nginx configuration with this hardening guide. It includes examples and tips to implement security measures step by step.
Let's make the web a smaller place by pre-compressing static assets with Brotli and Gzip. Here are some useful tips to get started.
The BEAST attack showed up in 2011 and some servers are still vulnerable to it. With the right protocols, ciphers and preference, we can keep the BEAST out.
Nginx can be configured to rate limit HTTP requests based on the IP address of the client. Learn how to set it up and tune it to your needs.
OCSP stapling is a logical follow-up on Online Certificate Status Protocol. With newer versions of Nginx we can enable OCSP stapling and enable testing.
Want to test your web server and see if static files are properly cached? Curl can help and with some scripting even automate the task for you.