No Signed Pages videos yet. You could help us improve this page by suggesting one.
Sucuri might be a bit more popular than Signed Pages. We know about 17 links to it since March 2021 and only 12 links to Signed Pages. We are tracking product recommendations and mentions on various public social media platforms and blogs. They can help you identify which product is more popular and what people think of it.
There is "Signed Pages" by the debeloper of EteSync. It is a browser extension, that checks webapps based on signatures in the html file. The addon then warns the user if the signature is not correct or - if I remember correctly - the source changed. This allows you to be sure what webapp code was delivered. But it seems like it did not really get used outside of his own projects. - Source: Hacker News / 4 months ago
EteSync has implemented something called Signed Pages, this might be worth looking closer at. This uses PGP keys which is preloaded into the browser; but I suspect that will be a barrier too high for most non-tech users. Source: about 1 year ago
There are also projects like signed web pages which can also help increasing the trust level to some degree. But that requires that you can download the source code and regenerate the verification hash locally - or have other trusted methods to verify the hash value hasn't been modified as well. The current concept is reasonably sane, but it requires too much from users currently to make it widely used. Source: almost 2 years ago
> The server can at any time start serving malicious payloads True, and I call this threat model "Beware Each and Every Fetch" (BEEF) in contrast to the more common TOFU model (although if you trust a desktop app to auto-update itself then these two models might not be all that different). In any case, I think you're being a little quick to dismiss the idea of server-hosted applications. It's true that browsers... - Source: Hacker News / about 2 years ago
Something like a browser extension for this does already exist, fortunately: https://github.com/tasn/webext-signed-pages. - Source: Hacker News / over 2 years ago
You should always backup your website(s). If you are not running backups, you most likely aren't maintaining efficient security measures on your website as well. The only suggestion I have is contacting Sucuri and pay to clean your website up and stick with their WAF plan. Source: about 1 year ago
I know you found what you're looking for but.. I would recommend doing a third party malware scan with someone like sucuri.net. If there is a backdoor somewhere then it'll just get hacked again and there's a potential that credit card processors can take action if they think the company is a liability. Source: over 1 year ago
The .19 address comes back as sucuri.net - if that's your web host it makes sense. Source: over 1 year ago
Sucuri - A company known for its WordPress security plugin and website firewall. They are the best in terms of website security. Unlike the others, Sucuri also offers a malware removal service. Source: over 1 year ago
Yeah, I used Wordfence to clean up my website and it help remove most of the infected files but it's unable to detect this file. This file keeps showing up in https://sucuri.net/ website malware checkup. Source: over 1 year ago
Marshal - Quickly scan your cloud for exposed sensitive information.
CloudFlare - Cloudflare is a global network designed to make everything you connect to the Internet secure, private, fast, and reliable.
The Security Checklist - The Practical Security Checklist for Web Developers
Amazon CloudFront - Amazon CloudFront is a content delivery web service.
Google Capture the Flag 2017 - Google's 2nd annual worldwide security competition
Imperva Cloud Application Security - Deploy your applications and data where you want. When you want. Imperva keeps them secure in the cloud, on premises, and in hybrid clouds.