Chrome, JavaScript, webdev

Protect Your Website With HTTPS

TL;DR

  1. Create (for free) an SSL certificate.
    One resource for that is letsencrypt.org
  2. Install it on your website’s server: letsencrypt.org/docs/client-options/ – You just quickly choose the client that will match your server environment or do everything in your browser.
  3. Change all your website’s links from HTTP to HTTPS so that search engines are notified and users will get the HTTPS version.
  4. Go have a drink.

Why?

You should always protect all of your websites with HTTPS, even if they don’t handle sensitive communications. HTTPS helps prevent intruders from tampering with the communications between your websites and your users’ browsers. It might be a malicious attacker or legitimate (but intrusive) companies, such as ISPs or hotels that inject ads into pages. Your users will think that your site is ugly or worst because they can’t tell who is doing what to the pages.
If you care about your users, always protect them and serve them with HTTPS. It will also prevents intruders from being able to passively listen in on the communications between your website and your users. Another benefit we gain from HTTPS is the ability to work with new powerful web platform features: Continue reading

Standard
Chrome

Password Forms That Browsers Love

login form example

There are two types of common forms that you see every day on (almost) every website: Sign-up and Sign-in. If you want to improve your users experience and allow them to fill these forms quickly and efficiently, this post is for you.

You can help ensure that browsers’ password management functionality can understand your site’s sign-up, sign-in. All it take is a ‘touch’ of a change for your password forms by enriching your HTML with a bit of metadata.

Here are the rules to follow: Continue reading

Standard
Chrome

Chrome, Firefox And Edge/IE Will Soon Drop RC4 Encryption

browser security

What is RC4?

RC4 is a stream cipher designed in 1987 that has been widely supported across browsers and online services for the purposes of encryption. Multiple vulnerabilities have been discovered in RC4 over the years, making it possible to crack within days or even hours.

It’s good news that all the major browsers are going to drop it and move forward to a better cipher.

When?

Continue reading

Standard