Updating Web site security

This site, as is true of many Web sites, has been experiencing attacks for some years now; one such attack took down this site in early 2011. Believe me, having your Web site go down definitely sucks. Since 2011, with the expert help and advice of my Web hosting service, the security on this site has been continually upgraded. Among other measures, Wordfence has been installed on the WordPress installations, Cloudflare is in use, and the site was moved to servers optimized for WordPress.

And now, finally, thanks to Dennis at Deerfield Hosting, this site is using SSL certificates. SSL Labs now gives this Web site an “A+” rating on its SSL report.

Some things to look out for:

1. Dennis writes: “I have purposely limited the cipher suites available to deliver the site. Analysis and specifics here. Some people will and do disagree with doing that. Some visitors will not be able to see your site. I’ve looked at the stats and the numbers are very low, to the point where calling these cases very rare is accurate.” If you can’t see the site, you obviously won’t be reading this. But this is still a reminder to use up-to-date software. Also, one possible browser upgrade you might be interested in is the “HTTPS Everywhere” plugin for Firefox, Chrome, and Opera, available from the Electronic Frontier Foundation here.

2. This Web site should automatically redirect an “http” link to an “https” link, but there may be occasional problems. If you find such a problem, please let me know (so far I’ve heard from one Web manager who found this problem).

3. In a similar vein, I am updating internal links. Until I have finished doing so, some internal links may not work. Please let me know if you find one, and I will fix it ASAP.

4. Web geeks will be interested to know that Dennis also switched this site to HTTP/2. He writes: “Your site is now among the first sites on the Internet to employ HTTP/2, the successor to HTTP/1.1. Only about 2% of sites have this distinction. One of the advantages is faster site delivery. Page components are requested and delivered asynchronously over a single connection. More information here.”

Finally, I can’t thank Dennis at Deerfield Hosting enough. Most Web hosts these days just provide a commodity, and it’s great to be with a Web host that still provides actual customer service.

Update:
To clarify a little, software which will be unable to establish a secure connection with this site includes:
— Android 4.3 and earlier
— Internet Explorer 6-9
— Safari 5-6
If you’re reading this, your browsing software is reasonably up-to-date. Yay, you!

Leave a Reply

Your email address will not be published. Required fields are marked *