Then you would subscribe to a service like https://developers.facebook.com/tools/ct/ that can send you alerts whenever a CA adds a certificate for one of your domains. If DoD is suddenly impersonating you, I dunno...go outside slowly and sit in a chair with nothing around and act completely nonthreateningly while waiting for the men in suits without a sense of humor to arrive? Source: over 1 year ago

Recently I've been setting up a private network for myself and I wanted to expose some services over HTTPS. The only reliable method I came up with was to buy a public domain and point its DNS records to private IPs, then I could generate Let's Encrypt certificates with a DNS challenge. The downside is that my internal domain names are now public (e.g. You can find them by looking up issued certificates for my... - Source: Hacker News / over 1 year ago

Some altarnatives: * https://crt.sh/ * https://developers.facebook.com/tools/ct * https://ui.ctsearch.entrust.com/ui/ctsearchui. - Source: Hacker News / about 2 years ago

There are so many accessibility issues on Hacker News! Ways to avoid the same mistakes? Easy... 1 - Make sure everyone involved from designers to developers to content creators to testers to... Whatever your village has in it... Has knowledge of WCAG. (New standards out a few weeks ago!) WCAG is the de facto law of the land now, and businesses are liable from damages if they don't make efforts to ensure all users... - Source: Hacker News / 8 months ago

Few minor accessibility issues. https://wave.webaim.org/report#/https://propbox.co/ Bunch of front-end security issues. Some of these are trivial, but also... Why not just knock them out? https://securityheaders.com/?q=https%3A%2F%2Fpropbox.co%2F&followRedirects=on The Privacy page is a nightmare, as others have pointed out. Why do this? Won't work with screen readers, won't let users copy text... it's bad.... - Source: Hacker News / 12 months ago

FWIW HN sets the Referrer-Policy header [1] to origin [2] but I have no idea how many browsers honor that. [1] - https://scotthelme.co.uk/a-new-security-header-referrer-policy/ [2] - https://securityheaders.com/?q=https%3A%2F%2Fnews.ycombinator.com%2F&hide=on&followRedirects=on. - Source: Hacker News / 12 months ago

I was recently tasked with improving the security rating on one of our websites. This involved a couple of things but the thing I want to focus on in this post is security headers. We scanned the site here and were initially given a rating of 'E'. Not good. So one of the recommendations was to add security headers which are headers contained in the HTTP response and can provide various different security benefits,... - Source: dev.to / almost 1 year ago

Google has to know about the site before it can index it. Set up the sitemap, then link the sitemap in from Google's Search Console Tools, and install Google Analytics. This will help Google pick up that your site exists. Make sure your robots.txt file is configured to allow crawlers. Make sure your pages aren't inadvertently NOINDEX'd. SEO isn't as relevant as it used to be, but all this stuff should be part of... - Source: Hacker News / about 1 year ago