ssl

Disable ECDH public server param reuse in Windows Server IIS

Windows Server IIS is known for reusing DH key values, but there is a way to disable ECDH public server param reuse in Windows Server IIS and here is how.

Published on Tuesday, 9 April 2024

Use PowerShell with SSL client certificates for HTTPS GET requests

Sometimes you have use a specific TLS/SSL certificate or thumbprint for outgoing HTTPS connections because of endpoint restrictions. To test these connections you can use PowerShell, but how do you get the required certificate from your certificate store?

Published on Thursday, 2 November 2023

Install SSL/TLS certificates in Windows Server using PowerShell

The following PowerShell snippet can be used to quickly install an SSL (or TLS) certificate in Windows Server. It assumes you have a PFX file and its password. The default location is Cert:\LocalMachine\My, to use for IIS websites.

Published on Thursday, 10 August 2023

Force HSTS in Apache .htaccess

Learn how to enable HSTS in Apache .htaccess configuration file to start using HTTP Strict Transport Security (HSTS)

Published on Friday, 18 December 2020

How to use SSL in PHP Data Objects (PDO) mysql

If you want to connect securely to your MySQL database using PHP Data Objects (PDO), here is how to connect to MySQL with PHP PDO using an SSL encrypted connection.

Published on Tuesday, 7 August 2018

How to turn off the TLS default in FileZilla?

A short post for my colleagues at the customer support and anyone else wondering the same: how to disable TLS encryption in FileZilla and turn off the FTP over TLS default setting?

Read more...

Published on Monday, 10 July 2017

SSL in WordPress: how to move WordPress to HTTPS? The definitive guide

Having an SSL certificate in your WordPress is the de-facto standard nowadays, did you know that? Google ranks sites having HTTPS higher in their SERP. But in WordPress, how do you configure an SSL certificate and HTTPS URL? You'll learn the important steps to move WordPress from http to https in this post.

Published on Friday, 15 July 2016

Ghost on IIS with HTTPS, how to resolve a "Too many redirects" error

When you use iisnode to host the Node.js blogging software Ghost on your IIS web server you may encounter a \"Too many redirects\" error while setting up and TLS/SSL certificate for your site. Here is the solution.

Published on Tuesday, 17 May 2016

How to enable HTTP Strict-Transport-Security (HSTS) on IIS

Set up HTTP Strict-Transport-Security (HSTS) response header in Windows Server IIS 10. Scott Hanselman wrote a great post on how to enable HTTP Strict-Transport-Security (HSTS) on IIS web servers, and here is some more technical information about HSTS in IIS, and other security headers...

Read more...

Published on Saturday, 6 June 2015

Redirect HTTP to HTTPS

In this post I provide you various HTTP to HTTPS redirection methods, for Windows Server IIS and Linux Apache. Use these examples to your advantage to secure the traffic between your visitors and your website.

Published on Friday, 13 March 2015

windows-server (96) iis (80) powershell (76) php (54) wordpress (45) mysql (36) windows (34) performance (28) linux (23) web.config (23) Website (22) htaccess (20) aspnet (19) url-rewrite-module (19) sql-server (18) bash (18) optimization (18) ssl (17) plugin (13) windows-10 (12) devops (11) monitoring (11) security (10) gnu-linux (10) appcmd (10) wsl (9) smtp (9) wincache (9) wmi (8) zabbix (8) windows-update (8) opcache (8) openssh (7) database (7) dism (7) iis-60 (7) sysops (6) wsus (6) apache (6) hyper-v (6) virtualization (6) spam (6) functions-php (6) classic-asp (6) ddos (6) password (5) email (5) active-directory (5) joomla (5) command-line (5) application-pool (5) blacklist (5) t-sql (4) wql (4) https (4) group-policy (4) backup (4) connector-net (4) debug (4) logparser (4) network-adapter (4) dns (4) query_cache (4) ghost (4) iisnode (4) node-js (4) vbscript (3) umbraco (3) windows-firewall (3) brute-force (3) ftp (3) postfix (3) forensics (3) benchmark (3) xss (3) disk-cleanup (3) disk-space (3) sql-injection (3) openssl (2) net-core (2) visual-studio (2) windows-defender (2) rdp (2) connector-odbc (2) c (2) mysqldump (2) xml-rpc (2) smb (2) cross-site-scripting (2) innodb (2) httpbl (2) centos (2) magento (2) denial-of-service (2) deployment (2) windows-deployment-services (2) mysqli (2) open-xchange (2) waf (2) web-application-firewall (2) windows-11 (1) ipv6 (1) networking (1) sqlce (1) tinymce (1) Prianha-CMS (1) kvm (1) http-3 (1) quic (1) wmsvc (1) database-mirroring (1) service-principal-names (1) spn (1) jetpack (1) api (1) kms (1) elasticsearch (1) red-hat (1) varnish-cache (1) dhcp (1) jquery (1)