Introduction Traditional DNS queries and responses are sent over UDP or TCP without encryption. This is vulnerable to eavesdropping and spoofing (including DNS-based Internet filtering). Responses from recursive resolvers to clients are the most vulnerable to undesired or malicious changes,… Continue Reading →
Dehydrated was firstly known as letsencrypt.sh but because letsencrypt is a trademark, they decided to rename the project, but keep the excellent features. Purpose If you’re already familiar with let’s encrypt and the ACME protocol, you can go directly to… Continue Reading →
I went through my google analytic log and updated the referrer blacklist for Nginx. As before, it’s available as a gist on GitHub.
I’ve been playing around with let’s encrypt and the official client available on github. I have to admit the client is great to automatize the process and with some tweaking can be also applied to nginx. But it’s slow and… Continue Reading →
With the release of the version 2.0.2 of LibreSSL I wanted to use it on one of my Nginx server to see if it’s possible to make them work together. After all OpenBSD’s dev said that it’s a “drop-in” replacement.