Nginx tuning tips: TLS/SSL HTTPS – Improved TTFB/latency

As of 30th June 2018, the PCI Security Standards Council requires that support for SSL 3.0 and TLS 1.0 be disabled. TLS 1.1 or higher must be used and TLS 1.2 is strongly recommended. In addition, starting this July, Google Chrome will begin to mark HTTP web sites as “not secure”. Over the past few years, […]

OpenSSL Security Updates – Severity: High

A new set of security updates for OpenSSL were just released this morning to address various security vulnerabilities, some of which are considered to be “high” severity. Please update as soon as possible. To update keep an eye open for Linux distro updates via package managers such as yum, apt-get, etc. Control panel updates for cPanel and others will be released over […]

Patched Servers Remain Vulnerable to Heartbleed OpenSSL

If an attacker has already exploited the Heartbleed bug to steal your SSL private keys they can continue to decrypt all past and future traffic even after the vulnerability has been patched. A security vulnerability in OpenSSL called the Heartbleed bug (CVE-2014-0160) has been found. This vulnerability has been open for exploit for about 2 years but was only recently […]