I recently picked up a Yubico U2F hardware key and thought I’d try to create a web application that was protected with two-factor hardware-based authentication. Things were going smooth until I realized that it is mandatory to be using HTTPS within your application, even when testing locally. HTTPS is common, but I’d never actually set it up with Node.js because I had always been using services like Cloudflare that configure it for you. The problem is that these services are for live domain names, not necessarily localhost.
While we’re not going to explore U2F hardware keys in this tutorial, we’re going to take a look at creating and installing a self-signed certificate for use in Node.js within macOS.Read More
The release of iOS 9 has caused a mess of problems in the Apache Cordova, Ionic Framework, and PhoneGap communities. Problems spanning from styling issues, to permission issues, and even stricter security requirements that Apache Cordova wasn’t ready to handle.
Here I’m going to discuss App Transport Security (ATS) an issue that is rapidly appearing amongst app developers.Read More
Because of popular request, I decided to make my entire WordPress blog secured behind an HTTPS connection. In addition to requests, I also read that search engines such as Google reward site owners that have complete sites behind HTTPS.
In a previous post I made, I explained how to generate and install an SSL certificate to an Apache web server, but things are a little different in terms of WordPress.Read More
When you have a website that transmits information from a user to your server it is very important to encrypt it. The last thing you want is someones password being sniffed by a malicious user when they register or sign in. By using Secure Socket Layer (SSL), data is encrypted between client and server preventing any malicious users from sniffing your password in plain text.
The following will help you install an SSL certificate to one of your Apache web server virtual hosts.Read More