Here is how to setup a domain to use a self-signed certificate using Simple Control Panel, a free control panel for a dedicated linux server hosted by GoDaddy. This way you can setup your domain to use http secure (https) using SSL. The process is different using the Plesk control panel, and very si ...
If you would like to have your Login and Admin sections on a Drupal site use HTTPS there is a very simple and easy solution. Open your settings.php file that is located in drupalroot/sites/default/settings.php. If you have set up the $base_url variable replace it with the following PHP code. If you ...
En HTTPS Data Exposure – GET vs POST un resumen rápido de la exposición de los datos que se transmiten mediante el protocolo cifrado https considerando GET, POST, si la conexión va cifrada o no y los diversos participantes en la transmisión y recepción. Posted in seguridad Tagged: get, HTTPS, intern ...
Pretty similar to setting up SSL on unix/linux and actually not that hard to do. Just a few things to remember as a checklist. If your Apache install didn’t include openSSL then you’ll need to download a few things: Normally you can find mod_ssl.so in your apache install directory in modules. In con ...
Three days ago on the 3rd of November Marsh Ray and Steven Dispensa of PhoneFactor released a whitepaper that describes a man in the middle attack against TLS and SSL v3 by using the “renegotiation” feature of the protocol. This new attacks adds to the issues published by Moxie Marlinspike, Dan Kami ...
A security flaw that has been identified in the Transport Layer Security (TLS) protocol could open the door for man-in-the-middle (MITM) attacks against HTTPS communication. All implementations are said to be vulnerable because the flaw is in the protocol itself. Security researchers are taking step ...
New SSL Security Issues: A vulnerability allowing hijacking of an already connected SSL 3.0 (TLS 1.0) sessions has been disclosed. SSL technology provides an end-to-end secure communications tunnel used most commonly by the HTTPS protocol. This, most recent, vulnerability allows an attacker to inser ...
La consultora PhoneFactor descubrió en Agosto un problema con la seguridad del sistema SSL que conforma los certificados de banco y sitios seguros. Este problema permite a un tercero (MITM – Man in the Middle) pasar a ser parte de la conexión. Se espera que en estos días navegadores, sistemas y serv ...
Software makers around the world are scrambling to fix a serious bug in the technology used to transfer information securely on the Internet. The flaw lies in the SSL protocol, best known as the technology used for secure browsing on Web sites beginning with HTTPS, and lets attackers intercept secur ...