SlideShare une entreprise Scribd logo

HTTPS and HTTP/2

Télécharger en tant que PPTX, PDF
MatthewWalker9
MatthewWalker9

Notes on current HTTPS best practices, and how to get started on a Linux platform.

Internet
1  sur  36
HTTPS & HTTP/2 M a t t h e w W a l ke r A u g u s t 20 1 6
Identity confirmation Confidentiality Integrity
Unlock new browser features Small PageRank boost HTTP/2
Geolocation HTTP/2 getUserMedia() Push notifications Device motion / orientation Encrypted media extensions AppCache Deprecating Non-Secure HTTP, Mozilla Security Blog, 20 April 2015. https://blog.mozilla.org/security/2015/04/30/deprecating-non-secure-http/ Deprecating Powerful Features on Insecure Origins,The Chromium Projects https://www.chromium.org/Home/chromium-security/deprecating-powerful-features-on-insecure-origins
Past • Hard to set up • Expensive • Only for ecommerce   
Present • Relatively easy to set up • Certs start at $0 • All websites, all pages   
Future All HTTP sites will be specifically marked as insecure! Marking HTTP As Non-Secure https://www.chromium.org/Home/chromium-security/marking-http-as-non-secure
The new normal “Google estimates 25% of sites now use secure connections. Google will work with some of the non-secure top 100 sites on the web to help them migrate to HTTPS.” -- March 2016 http://marketingland.com/google-estimates-25-sites-now-use- secure-connections-168763
• 301 redirects must be done right • Dedicated IP means small hosting cost bump • HTTPS over HTTP/1.1 is marginally slower • One more thing to set up and pay for / screw up
HTTPS migrations lose PageRank (?) 301 redirects result in around a 15% loss of PageRank No PageRank loss redirect HTTP -> HTTPS 301 Redirects Rules Change: WhatYou Need to Know for SEO, Moz Blog, 1 August 2016. https://moz.com/blog/301-redirection-rules-for-seo  
Set up your dev environment for certs One time setup sudo a2enmod ssl sudo a2enmod headers sudo vim /etc/apache2/apache2.conf And add NameVirtualHost *:443 near the bottom. sudo service apache2 restart sudo mkdir /etc/apache2/ssl
Self-signed certs Create a cert sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 - keyout /etc/apache2/ssl/[newsite].key -out /etc/apache2/ssl/[newsite].crt [note fill common name in with the domain] cd /etc/apache2/sites-available sudo vim [newsite] Duplicate the entireVirtualHost block and label as <VirtualHost *:443> Put this at the bottom SSLEngine on SSLCertificateFile /etc/apache2/ssl/[newsite].crt SSLCertificateKeyFile /etc/apache2/ssl/[newsite].key
Free certs https://letsencrypt.org/ https://www.startssl.com/
Secure all the things. Every page. Every resource.
Phase 1  Search for http://  //  Check canonical links have full https:// url  Check your sitemap and robots.txt  New property in Google Search Console
robots.txt Sitemap: https://domain.com/sitemap.xml
UseTLS 1.0 / 1.1 / 1.2 only: Test your setup https://www.ssllabs.com/ssltest/index.html How to disable SSL: https://www.digicert.com/ssl-support/apache- disabling-ssl-v3.htm
Phase 2  301 redirects http  https
HTTP  HTTPS RewriteEngine On RewriteCond %{HTTPS} off RewriteRule . https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301] . is a regular expression, but we just want to match anything L flag: stop processing further rules R flag: redirect
If you already have domain name redirects…. RewriteEngine On # Redirect to canonical RewriteCond %{HTTP_HOST} ^domain.com$ [NC] RewriteRule . https://canonical.com%{REQUEST_URI} [L,R=301] # Redirect to HTTPS RewriteCond %{HTTPS} off RewriteRule . https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301] NC flag: case-insensitive
Secure your cookies: <ifModule mod_headers.c> Header always edit Set-Cookie (.*) "$1; HTTPOnly; Secure" </ifModule> HTTPOnly option locks out JavaScript. Secure refuses cookie over HTTP
HTTPS link to HTTP loses referrer by default <meta name="referrer" content="origin-when-crossorigin"> The Meta ReferrerTag: An Advancement for SEO and the Internet. https://moz.com/blog/meta-referrer-tag
Phase 3  HSTS saves a round trip  HTTP/2 via a CDN
HSTS -- not done lightly! <ifModule mod_headers.c> Header set Strict-Transport-Security "max- age=31536000; includeSubDomains" env=HTTPS </ifModule>
• https://www.httpvshttps.com/ • HTTPS unlocks HTTP/2 • 70% of websites using HTTP/2 are served via CloudFlare • https://www.cloudflare.com/http2/ • Why Everyone Should Be MovingTo HTTP/2 http://searchengineland.com/everyone- moving-http2-236716
CloudFlare
If you have https redirects, don’t use flexible!
HTTP/1.1 optimisations you don’t need anymore • Domain sharding • Image sprites • Combined CSS and JS files
What aboutTTFB? “I heard that the HTTP/2 TTFB (Time to First Byte) which is a measured metric in SEO and FEO, is sometimes see higher than HTTP/1.1. What can be done to again have the TTFB measure be seen as on-par with HTTP/1.1?” CatchpointAMA on HTTP/2 with staff from Google,Akamai, CloudFlare, Catchpoint http://pages.catchpoint.com/HTTP2-AMA-Registration.html “I think that's a very good and important point. TTFB is important as a metric. If you can make it faster, do so. That's just a good thing to optimize. You're right in that just watching the TTFB is not indicative of when the content is painted to the screen, which is ultimately what the user cares about. Not when they receive the first byte, but when is the text showing up on the screen? I can show you plenty of traces where I can see that, even if I compare the unencrypted version with encrypted over HTTP/2, the time to first byte may be slower, but the page renders faster, because we're able to leverage other features in HTTP/2 to fetch other things faster, maybe using server push, so we don't have to do extra round trips. One metric regresses, but the metric that you care about actually improves.” -- Ilya Grigorik, Google
IsTLS FastYet? https://istlsfastyet.com/ Mythbusting HTTPS: Squashing security’s urban legends - Google I/O 2016 https://www.youtube.com/watch?v=YMfW1bfyGSY Mozilla SSL Configuration Generator Mozilla SSL ConfigurationGenerator https://mozilla.github.io/server-side-tls/ssl-config-generator/ evelopers HTTP/2 ForWeb Developers https://blog.cloudflare.com/http-2-for-web-developers/ 7Tips for Faster HTTP/2 Performance https://www.nginx.com/blog/7-tips-for-faster-http2-performance/ Secure browsing by default https://www.facebook.com/notes/facebook-engineering/secure-browsing-by- default/10151590414803920/ Websites Must Use HSTS in Order to Be Secure https://www.eff.org/deeplinks/2014/02/websites-hsts
HTTPS and HTTP/2

Recommandé

How to investigate and recover from a security breach in WordPress
How to investigate and recover from a security breach in WordPressHow to investigate and recover from a security breach in WordPress
How to investigate and recover from a security breach in WordPressOtto Kekäläinen
 
Word campktm speed-security
Word campktm speed-securityWord campktm speed-security
Word campktm speed-securityDigamber Pradhan
 
Building Next Generation Real-Time Web Applications using Websockets
Building Next Generation Real-Time Web Applications using WebsocketsBuilding Next Generation Real-Time Web Applications using Websockets
Building Next Generation Real-Time Web Applications using WebsocketsNaresh Chintalcheru
 
HTML5 WebSocket: The New Network Stack for the Web
HTML5 WebSocket: The New Network Stack for the WebHTML5 WebSocket: The New Network Stack for the Web
HTML5 WebSocket: The New Network Stack for the WebPeter Lubbers
 
The Case for HTTP/2
The Case for HTTP/2The Case for HTTP/2
The Case for HTTP/2Andy Davies
 
WebPagetest Power Users - Velocity 2014
WebPagetest Power Users - Velocity 2014WebPagetest Power Users - Velocity 2014
WebPagetest Power Users - Velocity 2014Patrick Meenan
 
WebSockets On Fire
WebSockets On FireWebSockets On Fire
WebSockets On FireJef Claes
 
Velocity EU 2012 - Third party scripts and you
Velocity EU 2012 - Third party scripts and youVelocity EU 2012 - Third party scripts and you
Velocity EU 2012 - Third party scripts and youPatrick Meenan
 

Recommandé

How to investigate and recover from a security breach in WordPress
How to investigate and recover from a security breach in WordPressHow to investigate and recover from a security breach in WordPress
How to investigate and recover from a security breach in WordPressOtto Kekäläinen
 
Word campktm speed-security
Word campktm speed-securityWord campktm speed-security
Word campktm speed-securityDigamber Pradhan
 
Building Next Generation Real-Time Web Applications using Websockets
Building Next Generation Real-Time Web Applications using WebsocketsBuilding Next Generation Real-Time Web Applications using Websockets
Building Next Generation Real-Time Web Applications using WebsocketsNaresh Chintalcheru
 
HTML5 WebSocket: The New Network Stack for the Web
HTML5 WebSocket: The New Network Stack for the WebHTML5 WebSocket: The New Network Stack for the Web
HTML5 WebSocket: The New Network Stack for the WebPeter Lubbers
 
The Case for HTTP/2
The Case for HTTP/2The Case for HTTP/2
The Case for HTTP/2Andy Davies
 
WebPagetest Power Users - Velocity 2014
WebPagetest Power Users - Velocity 2014WebPagetest Power Users - Velocity 2014
WebPagetest Power Users - Velocity 2014Patrick Meenan
 
WebSockets On Fire
WebSockets On FireWebSockets On Fire
WebSockets On FireJef Claes
 
Velocity EU 2012 - Third party scripts and you
Velocity EU 2012 - Third party scripts and youVelocity EU 2012 - Third party scripts and you
Velocity EU 2012 - Third party scripts and youPatrick Meenan
 
Websockets at tossug
Websockets at tossugWebsockets at tossug
Websockets at tossugclkao
 
The 5 most common reasons for a slow WordPress site and how to fix them – ext...
The 5 most common reasons for a slow WordPress site and how to fix them – ext...The 5 most common reasons for a slow WordPress site and how to fix them – ext...
The 5 most common reasons for a slow WordPress site and how to fix them – ext...Otto Kekäläinen
 
Making the web faster
Making the web fasterMaking the web faster
Making the web fasterPatrick Meenan
 
Measuring web performance
Measuring web performanceMeasuring web performance
Measuring web performancePatrick Meenan
 
HTTP2 is Here!
HTTP2 is Here!HTTP2 is Here!
HTTP2 is Here!Andy Davies
 
WebPagetest - Good, Bad & Ugly
WebPagetest - Good, Bad & UglyWebPagetest - Good, Bad & Ugly
WebPagetest - Good, Bad & UglyAaron Peters
 
Pushing the web — WebSockets
Pushing the web — WebSocketsPushing the web — WebSockets
Pushing the web — WebSocketsRoland M
 
The Case for HTTP/2 - EpicFEL Sept 2015
The Case for HTTP/2 - EpicFEL Sept 2015The Case for HTTP/2 - EpicFEL Sept 2015
The Case for HTTP/2 - EpicFEL Sept 2015Andy Davies
 
Measuring the visual experience of website performance
Measuring the visual experience of website performanceMeasuring the visual experience of website performance
Measuring the visual experience of website performancePatrick Meenan
 
WebSockets: The Current State of the Most Valuable HTML5 API for Java Developers
WebSockets: The Current State of the Most Valuable HTML5 API for Java DevelopersWebSockets: The Current State of the Most Valuable HTML5 API for Java Developers
WebSockets: The Current State of the Most Valuable HTML5 API for Java DevelopersViktor Gamov
 
how to use fiddler (Ver eng)
how to use fiddler (Ver eng)how to use fiddler (Ver eng)
how to use fiddler (Ver eng)용진 조
 
Front-End Single Point of Failure - Velocity 2016 Training
Front-End Single Point of Failure - Velocity 2016 TrainingFront-End Single Point of Failure - Velocity 2016 Training
Front-End Single Point of Failure - Velocity 2016 TrainingPatrick Meenan
 
V2 peter-lubbers-sf-jug-websocket
V2 peter-lubbers-sf-jug-websocketV2 peter-lubbers-sf-jug-websocket
V2 peter-lubbers-sf-jug-websocketbrent bucci
 
Getting the most out of WebPageTest
Getting the most out of WebPageTestGetting the most out of WebPageTest
Getting the most out of WebPageTestPatrick Meenan
 
HTTP Basic - PHP
HTTP Basic - PHPHTTP Basic - PHP
HTTP Basic - PHPSulaeman .
 
Browser Wars Episode 1: The Phantom Menace
Browser Wars Episode 1: The Phantom MenaceBrowser Wars Episode 1: The Phantom Menace
Browser Wars Episode 1: The Phantom MenaceNicholas Zakas
 
Web Page Test - Beyond the Basics
Web Page Test - Beyond the BasicsWeb Page Test - Beyond the Basics
Web Page Test - Beyond the BasicsAndy Davies
 
Xdebug, KCacheGrind and Webgrind with WampServer
Xdebug, KCacheGrind and Webgrind with WampServer Xdebug, KCacheGrind and Webgrind with WampServer
Xdebug, KCacheGrind and Webgrind with WampServer Mediovski Technology
 
eCommerce performance, what is it costing you and what can you do about it?
eCommerce performance, what is it costing you and what can you do about it?eCommerce performance, what is it costing you and what can you do about it?
eCommerce performance, what is it costing you and what can you do about it?Peter Holditch
 
Hands on performance testing and analysis with web pagetest
Hands on performance testing and analysis with web pagetestHands on performance testing and analysis with web pagetest
Hands on performance testing and analysis with web pagetestPatrick Meenan
 
gofortution
gofortutiongofortution
gofortutiongofortution
 
SearchLove San Diego 2018 | Mat Clayton | Site Speed for Digital Marketers
SearchLove San Diego 2018 | Mat Clayton | Site Speed for Digital MarketersSearchLove San Diego 2018 | Mat Clayton | Site Speed for Digital Marketers
SearchLove San Diego 2018 | Mat Clayton | Site Speed for Digital MarketersDistilled
 

Contenu connexe

Tendances

Websockets at tossug
Websockets at tossugWebsockets at tossug
Websockets at tossugclkao
 
The 5 most common reasons for a slow WordPress site and how to fix them – ext...
The 5 most common reasons for a slow WordPress site and how to fix them – ext...The 5 most common reasons for a slow WordPress site and how to fix them – ext...
The 5 most common reasons for a slow WordPress site and how to fix them – ext...Otto Kekäläinen
 
Measuring web performance
Measuring web performanceMeasuring web performance
Measuring web performancePatrick Meenan
 
WebPagetest - Good, Bad & Ugly
WebPagetest - Good, Bad & UglyWebPagetest - Good, Bad & Ugly
WebPagetest - Good, Bad & UglyAaron Peters
 
Pushing the web — WebSockets
Pushing the web — WebSocketsPushing the web — WebSockets
Pushing the web — WebSocketsRoland M
 
The Case for HTTP/2 - EpicFEL Sept 2015
The Case for HTTP/2 - EpicFEL Sept 2015The Case for HTTP/2 - EpicFEL Sept 2015
The Case for HTTP/2 - EpicFEL Sept 2015Andy Davies
 
Measuring the visual experience of website performance
Measuring the visual experience of website performanceMeasuring the visual experience of website performance
Measuring the visual experience of website performancePatrick Meenan
 
WebSockets: The Current State of the Most Valuable HTML5 API for Java Developers
WebSockets: The Current State of the Most Valuable HTML5 API for Java DevelopersWebSockets: The Current State of the Most Valuable HTML5 API for Java Developers
WebSockets: The Current State of the Most Valuable HTML5 API for Java DevelopersViktor Gamov
 
how to use fiddler (Ver eng)
how to use fiddler (Ver eng)how to use fiddler (Ver eng)
how to use fiddler (Ver eng)용진 조
 
Front-End Single Point of Failure - Velocity 2016 Training
Front-End Single Point of Failure - Velocity 2016 TrainingFront-End Single Point of Failure - Velocity 2016 Training
Front-End Single Point of Failure - Velocity 2016 TrainingPatrick Meenan
 
V2 peter-lubbers-sf-jug-websocket
V2 peter-lubbers-sf-jug-websocketV2 peter-lubbers-sf-jug-websocket
V2 peter-lubbers-sf-jug-websocketbrent bucci
 
Getting the most out of WebPageTest
Getting the most out of WebPageTestGetting the most out of WebPageTest
Getting the most out of WebPageTestPatrick Meenan
 
HTTP Basic - PHP
HTTP Basic - PHPHTTP Basic - PHP
HTTP Basic - PHPSulaeman .
 
Browser Wars Episode 1: The Phantom Menace
Browser Wars Episode 1: The Phantom MenaceBrowser Wars Episode 1: The Phantom Menace
Browser Wars Episode 1: The Phantom MenaceNicholas Zakas
 
Web Page Test - Beyond the Basics
Web Page Test - Beyond the BasicsWeb Page Test - Beyond the Basics
Web Page Test - Beyond the BasicsAndy Davies
 
Xdebug, KCacheGrind and Webgrind with WampServer
Xdebug, KCacheGrind and Webgrind with WampServer Xdebug, KCacheGrind and Webgrind with WampServer
Xdebug, KCacheGrind and Webgrind with WampServer Mediovski Technology
 
eCommerce performance, what is it costing you and what can you do about it?
eCommerce performance, what is it costing you and what can you do about it?eCommerce performance, what is it costing you and what can you do about it?
eCommerce performance, what is it costing you and what can you do about it?Peter Holditch
 
Hands on performance testing and analysis with web pagetest
Hands on performance testing and analysis with web pagetestHands on performance testing and analysis with web pagetest
Hands on performance testing and analysis with web pagetestPatrick Meenan
 

Tendances (20)

Websockets at tossug
Websockets at tossugWebsockets at tossug
Websockets at tossug
 
The 5 most common reasons for a slow WordPress site and how to fix them – ext...
The 5 most common reasons for a slow WordPress site and how to fix them – ext...The 5 most common reasons for a slow WordPress site and how to fix them – ext...
The 5 most common reasons for a slow WordPress site and how to fix them – ext...
 
Making the web faster
Making the web fasterMaking the web faster
Making the web faster
 
Measuring web performance
Measuring web performanceMeasuring web performance
Measuring web performance
 
HTTP2 is Here!
HTTP2 is Here!HTTP2 is Here!
HTTP2 is Here!
 
WebPagetest - Good, Bad & Ugly
WebPagetest - Good, Bad & UglyWebPagetest - Good, Bad & Ugly
WebPagetest - Good, Bad & Ugly
 
Pushing the web — WebSockets
Pushing the web — WebSocketsPushing the web — WebSockets
Pushing the web — WebSockets
 
The Case for HTTP/2 - EpicFEL Sept 2015
The Case for HTTP/2 - EpicFEL Sept 2015The Case for HTTP/2 - EpicFEL Sept 2015
The Case for HTTP/2 - EpicFEL Sept 2015
 
Measuring the visual experience of website performance
Measuring the visual experience of website performanceMeasuring the visual experience of website performance
Measuring the visual experience of website performance
 
WebSockets: The Current State of the Most Valuable HTML5 API for Java Developers
WebSockets: The Current State of the Most Valuable HTML5 API for Java DevelopersWebSockets: The Current State of the Most Valuable HTML5 API for Java Developers
WebSockets: The Current State of the Most Valuable HTML5 API for Java Developers
 
how to use fiddler (Ver eng)
how to use fiddler (Ver eng)how to use fiddler (Ver eng)
how to use fiddler (Ver eng)
 
Front-End Single Point of Failure - Velocity 2016 Training
Front-End Single Point of Failure - Velocity 2016 TrainingFront-End Single Point of Failure - Velocity 2016 Training
Front-End Single Point of Failure - Velocity 2016 Training
 
V2 peter-lubbers-sf-jug-websocket
V2 peter-lubbers-sf-jug-websocketV2 peter-lubbers-sf-jug-websocket
V2 peter-lubbers-sf-jug-websocket
 
Getting the most out of WebPageTest
Getting the most out of WebPageTestGetting the most out of WebPageTest
Getting the most out of WebPageTest
 
HTTP Basic - PHP
HTTP Basic - PHPHTTP Basic - PHP
HTTP Basic - PHP
 
Browser Wars Episode 1: The Phantom Menace
Browser Wars Episode 1: The Phantom MenaceBrowser Wars Episode 1: The Phantom Menace
Browser Wars Episode 1: The Phantom Menace
 
Web Page Test - Beyond the Basics
Web Page Test - Beyond the BasicsWeb Page Test - Beyond the Basics
Web Page Test - Beyond the Basics
 
Xdebug, KCacheGrind and Webgrind with WampServer
Xdebug, KCacheGrind and Webgrind with WampServer Xdebug, KCacheGrind and Webgrind with WampServer
Xdebug, KCacheGrind and Webgrind with WampServer
 
eCommerce performance, what is it costing you and what can you do about it?
eCommerce performance, what is it costing you and what can you do about it?eCommerce performance, what is it costing you and what can you do about it?
eCommerce performance, what is it costing you and what can you do about it?
 
Hands on performance testing and analysis with web pagetest
Hands on performance testing and analysis with web pagetestHands on performance testing and analysis with web pagetest
Hands on performance testing and analysis with web pagetest
 

Similaire à HTTPS and HTTP/2

SearchLove San Diego 2018 | Mat Clayton | Site Speed for Digital Marketers
SearchLove San Diego 2018 | Mat Clayton | Site Speed for Digital MarketersSearchLove San Diego 2018 | Mat Clayton | Site Speed for Digital Marketers
SearchLove San Diego 2018 | Mat Clayton | Site Speed for Digital MarketersDistilled
 
20190516 web security-basic
20190516 web security-basic20190516 web security-basic
20190516 web security-basicMksYi
 
HTTP 2.0 - Web Unleashed 2015
HTTP 2.0 - Web Unleashed 2015HTTP 2.0 - Web Unleashed 2015
HTTP 2.0 - Web Unleashed 2015dmethvin
 
How HTTP/2 will change the web as we know it
How HTTP/2 will change the web as we know itHow HTTP/2 will change the web as we know it
How HTTP/2 will change the web as we know itNils De Moor
 
How HTTP/2 will change the web as we know it
How HTTP/2 will change the web as we know itHow HTTP/2 will change the web as we know it
How HTTP/2 will change the web as we know itWoorank
 
1 Web Page Foundations Overview This lab walk.docx
1 Web Page Foundations Overview This lab walk.docx1 Web Page Foundations Overview This lab walk.docx
1 Web Page Foundations Overview This lab walk.docxhoney725342
 
Front End Website Optimization
Front End Website OptimizationFront End Website Optimization
Front End Website OptimizationGerard Sychay
 
HTTP colon slash slash: end of the road? @ CakeFest 2013 in San Francisco
HTTP colon slash slash: end of the road? @ CakeFest 2013 in San FranciscoHTTP colon slash slash: end of the road? @ CakeFest 2013 in San Francisco
HTTP colon slash slash: end of the road? @ CakeFest 2013 in San FranciscoAlessandro Nadalin
 
Check Yourself Before You Wreck Yourself: Auditing and Improving the Performa...
Check Yourself Before You Wreck Yourself: Auditing and Improving the Performa...Check Yourself Before You Wreck Yourself: Auditing and Improving the Performa...
Check Yourself Before You Wreck Yourself: Auditing and Improving the Performa...Nicholas Jansma
 
Future of Search Engine Factors, AMP, On-Page Key to Success
Future of Search Engine Factors, AMP, On-Page Key to SuccessFuture of Search Engine Factors, AMP, On-Page Key to Success
Future of Search Engine Factors, AMP, On-Page Key to SuccessAnetwork
 
Movable Type Seminar 2011
Movable Type Seminar 2011Movable Type Seminar 2011
Movable Type Seminar 2011Six Apart KK
 
Optimising Web Application Frontend
Optimising Web Application FrontendOptimising Web Application Frontend
Optimising Web Application Frontendtkramar
 
High Performance Websites
High Performance WebsitesHigh Performance Websites
High Performance WebsitesParham
 
The Case for HTTP/2 - Internetdagarna 2015 - Stockholm
The Case for HTTP/2 - Internetdagarna 2015 - StockholmThe Case for HTTP/2 - Internetdagarna 2015 - Stockholm
The Case for HTTP/2 - Internetdagarna 2015 - StockholmAndy Davies
 
Google are pushing HTTPS hard. Why? And​,​ when should you act? by Mark Thoma...
Google are pushing HTTPS hard. Why? And​,​ when should you act? by Mark Thoma...Google are pushing HTTPS hard. Why? And​,​ when should you act? by Mark Thoma...
Google are pushing HTTPS hard. Why? And​,​ when should you act? by Mark Thoma...SEO monitor
 

Similaire à HTTPS and HTTP/2 (20)

gofortution
gofortutiongofortution
gofortution
 
SearchLove San Diego 2018 | Mat Clayton | Site Speed for Digital Marketers
SearchLove San Diego 2018 | Mat Clayton | Site Speed for Digital MarketersSearchLove San Diego 2018 | Mat Clayton | Site Speed for Digital Marketers
SearchLove San Diego 2018 | Mat Clayton | Site Speed for Digital Marketers
 
20190516 web security-basic
20190516 web security-basic20190516 web security-basic
20190516 web security-basic
 
Fundamentals of HTML5
Fundamentals of HTML5Fundamentals of HTML5
Fundamentals of HTML5
 
HTTP 2.0 - Web Unleashed 2015
HTTP 2.0 - Web Unleashed 2015HTTP 2.0 - Web Unleashed 2015
HTTP 2.0 - Web Unleashed 2015
 
How HTTP/2 will change the web as we know it
How HTTP/2 will change the web as we know itHow HTTP/2 will change the web as we know it
How HTTP/2 will change the web as we know it
 
How HTTP/2 will change the web as we know it
How HTTP/2 will change the web as we know itHow HTTP/2 will change the web as we know it
How HTTP/2 will change the web as we know it
 
1 Web Page Foundations Overview This lab walk.docx
1 Web Page Foundations Overview This lab walk.docx1 Web Page Foundations Overview This lab walk.docx
1 Web Page Foundations Overview This lab walk.docx
 
Front End Website Optimization
Front End Website OptimizationFront End Website Optimization
Front End Website Optimization
 
HTTP colon slash slash: end of the road? @ CakeFest 2013 in San Francisco
HTTP colon slash slash: end of the road? @ CakeFest 2013 in San FranciscoHTTP colon slash slash: end of the road? @ CakeFest 2013 in San Francisco
HTTP colon slash slash: end of the road? @ CakeFest 2013 in San Francisco
 
Speed = $$$
Speed = $$$Speed = $$$
Speed = $$$
 
High-Speed HTML5
High-Speed HTML5High-Speed HTML5
High-Speed HTML5
 
Check Yourself Before You Wreck Yourself: Auditing and Improving the Performa...
Check Yourself Before You Wreck Yourself: Auditing and Improving the Performa...Check Yourself Before You Wreck Yourself: Auditing and Improving the Performa...
Check Yourself Before You Wreck Yourself: Auditing and Improving the Performa...
 
Future of Search Engine Factors, AMP, On-Page Key to Success
Future of Search Engine Factors, AMP, On-Page Key to SuccessFuture of Search Engine Factors, AMP, On-Page Key to Success
Future of Search Engine Factors, AMP, On-Page Key to Success
 
Presentation (PPT)
Presentation (PPT)Presentation (PPT)
Presentation (PPT)
 
Movable Type Seminar 2011
Movable Type Seminar 2011Movable Type Seminar 2011
Movable Type Seminar 2011
 
Optimising Web Application Frontend
Optimising Web Application FrontendOptimising Web Application Frontend
Optimising Web Application Frontend
 
High Performance Websites
High Performance WebsitesHigh Performance Websites
High Performance Websites
 
The Case for HTTP/2 - Internetdagarna 2015 - Stockholm
The Case for HTTP/2 - Internetdagarna 2015 - StockholmThe Case for HTTP/2 - Internetdagarna 2015 - Stockholm
The Case for HTTP/2 - Internetdagarna 2015 - Stockholm
 
Google are pushing HTTPS hard. Why? And​,​ when should you act? by Mark Thoma...
Google are pushing HTTPS hard. Why? And​,​ when should you act? by Mark Thoma...Google are pushing HTTPS hard. Why? And​,​ when should you act? by Mark Thoma...
Google are pushing HTTPS hard. Why? And​,​ when should you act? by Mark Thoma...
 

Dernier

WhatsApp 📞 8448380779 ✅Call Girls In Mamura Sector 66 ( Noida)
WhatsApp 📞 8448380779 ✅Call Girls In Mamura Sector 66 ( Noida)WhatsApp 📞 8448380779 ✅Call Girls In Mamura Sector 66 ( Noida)
WhatsApp 📞 8448380779 ✅Call Girls In Mamura Sector 66 ( Noida)Delhi Call girls
 
Ganeshkhind ! Call Girls Pune - 450+ Call Girl Cash Payment 8005736733 Neha T...
Ganeshkhind ! Call Girls Pune - 450+ Call Girl Cash Payment 8005736733 Neha T...Ganeshkhind ! Call Girls Pune - 450+ Call Girl Cash Payment 8005736733 Neha T...
Ganeshkhind ! Call Girls Pune - 450+ Call Girl Cash Payment 8005736733 Neha T...SUHANI PANDEY
 
Story Board.pptxrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrr
Story Board.pptxrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrStory Board.pptxrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrr
Story Board.pptxrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrHenryBriggs2
 
Russian Call Girls Pune (Adult Only) 8005736733 Escort Service 24x7 Cash Pay...
Russian Call Girls Pune (Adult Only) 8005736733 Escort Service 24x7 Cash Pay...Russian Call Girls Pune (Adult Only) 8005736733 Escort Service 24x7 Cash Pay...
Russian Call Girls Pune (Adult Only) 8005736733 Escort Service 24x7 Cash Pay...SUHANI PANDEY
 
20240510 QFM016 Irresponsible AI Reading List April 2024.pdf
20240510 QFM016 Irresponsible AI Reading List April 2024.pdf20240510 QFM016 Irresponsible AI Reading List April 2024.pdf
20240510 QFM016 Irresponsible AI Reading List April 2024.pdfMatthew Sinclair
 
Katraj ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready For S...
Katraj ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready For S...Katraj ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready For S...
Katraj ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready For S...tanu pandey
 
Hire↠Young Call Girls in Tilak nagar (Delhi) ☎️ 9205541914 ☎️ Independent Esc...
Hire↠Young Call Girls in Tilak nagar (Delhi) ☎️ 9205541914 ☎️ Independent Esc...Hire↠Young Call Girls in Tilak nagar (Delhi) ☎️ 9205541914 ☎️ Independent Esc...
Hire↠Young Call Girls in Tilak nagar (Delhi) ☎️ 9205541914 ☎️ Independent Esc...Delhi Call girls
 
Call Girls Sangvi Call Me 7737669865 Budget Friendly No Advance BookingCall G...
Call Girls Sangvi Call Me 7737669865 Budget Friendly No Advance BookingCall G...Call Girls Sangvi Call Me 7737669865 Budget Friendly No Advance BookingCall G...
Call Girls Sangvi Call Me 7737669865 Budget Friendly No Advance BookingCall G...roncy bisnoi
 
Pirangut | Call Girls Pune Phone No 8005736733 Elite Escort Service Available...
Pirangut | Call Girls Pune Phone No 8005736733 Elite Escort Service Available...Pirangut | Call Girls Pune Phone No 8005736733 Elite Escort Service Available...
Pirangut | Call Girls Pune Phone No 8005736733 Elite Escort Service Available...SUHANI PANDEY
 
APNIC Policy Roundup, presented by Sunny Chendi at the 5th ICANN APAC-TWNIC E...
APNIC Policy Roundup, presented by Sunny Chendi at the 5th ICANN APAC-TWNIC E...APNIC Policy Roundup, presented by Sunny Chendi at the 5th ICANN APAC-TWNIC E...
APNIC Policy Roundup, presented by Sunny Chendi at the 5th ICANN APAC-TWNIC E...APNIC
 
pdfcoffee.com_business-ethics-q3m7-pdf-free.pdf
pdfcoffee.com_business-ethics-q3m7-pdf-free.pdfpdfcoffee.com_business-ethics-q3m7-pdf-free.pdf
pdfcoffee.com_business-ethics-q3m7-pdf-free.pdfJOHNBEBONYAP1
 
2nd Solid Symposium: Solid Pods vs Personal Knowledge Graphs
2nd Solid Symposium: Solid Pods vs Personal Knowledge Graphs2nd Solid Symposium: Solid Pods vs Personal Knowledge Graphs
2nd Solid Symposium: Solid Pods vs Personal Knowledge GraphsEleniIlkou
 
20240507 QFM013 Machine Intelligence Reading List April 2024.pdf
20240507 QFM013 Machine Intelligence Reading List April 2024.pdf20240507 QFM013 Machine Intelligence Reading List April 2024.pdf
20240507 QFM013 Machine Intelligence Reading List April 2024.pdfMatthew Sinclair
 
Sarola * Female Escorts Service in Pune | 8005736733 Independent Escorts & Da...
Sarola * Female Escorts Service in Pune | 8005736733 Independent Escorts & Da...Sarola * Female Escorts Service in Pune | 8005736733 Independent Escorts & Da...
Sarola * Female Escorts Service in Pune | 8005736733 Independent Escorts & Da...SUHANI PANDEY
 
20240509 QFM015 Engineering Leadership Reading List April 2024.pdf
20240509 QFM015 Engineering Leadership Reading List April 2024.pdf20240509 QFM015 Engineering Leadership Reading List April 2024.pdf
20240509 QFM015 Engineering Leadership Reading List April 2024.pdfMatthew Sinclair
 
VVIP Pune Call Girls Sinhagad WhatSapp Number 8005736733 With Elite Staff And...
VVIP Pune Call Girls Sinhagad WhatSapp Number 8005736733 With Elite Staff And...VVIP Pune Call Girls Sinhagad WhatSapp Number 8005736733 With Elite Staff And...
VVIP Pune Call Girls Sinhagad WhatSapp Number 8005736733 With Elite Staff And...SUHANI PANDEY
 
Lucknow ❤CALL GIRL 88759*99948 ❤CALL GIRLS IN Lucknow ESCORT SERVICE❤CALL GIRL
Lucknow ❤CALL GIRL 88759*99948 ❤CALL GIRLS IN Lucknow ESCORT SERVICE❤CALL GIRLLucknow ❤CALL GIRL 88759*99948 ❤CALL GIRLS IN Lucknow ESCORT SERVICE❤CALL GIRL
Lucknow ❤CALL GIRL 88759*99948 ❤CALL GIRLS IN Lucknow ESCORT SERVICE❤CALL GIRLimonikaupta
 

Dernier (20)

WhatsApp 📞 8448380779 ✅Call Girls In Mamura Sector 66 ( Noida)
WhatsApp 📞 8448380779 ✅Call Girls In Mamura Sector 66 ( Noida)WhatsApp 📞 8448380779 ✅Call Girls In Mamura Sector 66 ( Noida)
WhatsApp 📞 8448380779 ✅Call Girls In Mamura Sector 66 ( Noida)
 
Ganeshkhind ! Call Girls Pune - 450+ Call Girl Cash Payment 8005736733 Neha T...
Ganeshkhind ! Call Girls Pune - 450+ Call Girl Cash Payment 8005736733 Neha T...Ganeshkhind ! Call Girls Pune - 450+ Call Girl Cash Payment 8005736733 Neha T...
Ganeshkhind ! Call Girls Pune - 450+ Call Girl Cash Payment 8005736733 Neha T...
 
Call Girls in Prashant Vihar, Delhi 💯 Call Us 🔝9953056974 🔝 Escort Service
Call Girls in Prashant Vihar, Delhi 💯 Call Us 🔝9953056974 🔝 Escort ServiceCall Girls in Prashant Vihar, Delhi 💯 Call Us 🔝9953056974 🔝 Escort Service
Call Girls in Prashant Vihar, Delhi 💯 Call Us 🔝9953056974 🔝 Escort Service
 
Story Board.pptxrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrr
Story Board.pptxrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrStory Board.pptxrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrr
Story Board.pptxrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrr
 
Russian Call Girls Pune (Adult Only) 8005736733 Escort Service 24x7 Cash Pay...
Russian Call Girls Pune (Adult Only) 8005736733 Escort Service 24x7 Cash Pay...Russian Call Girls Pune (Adult Only) 8005736733 Escort Service 24x7 Cash Pay...
Russian Call Girls Pune (Adult Only) 8005736733 Escort Service 24x7 Cash Pay...
 
20240510 QFM016 Irresponsible AI Reading List April 2024.pdf
20240510 QFM016 Irresponsible AI Reading List April 2024.pdf20240510 QFM016 Irresponsible AI Reading List April 2024.pdf
20240510 QFM016 Irresponsible AI Reading List April 2024.pdf
 
📱Dehradun Call Girls Service 📱☎️ +91'905,3900,678 ☎️📱 Call Girls In Dehradun 📱
📱Dehradun Call Girls Service 📱☎️ +91'905,3900,678 ☎️📱 Call Girls In Dehradun 📱📱Dehradun Call Girls Service 📱☎️ +91'905,3900,678 ☎️📱 Call Girls In Dehradun 📱
📱Dehradun Call Girls Service 📱☎️ +91'905,3900,678 ☎️📱 Call Girls In Dehradun 📱
 
Katraj ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready For S...
Katraj ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready For S...Katraj ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready For S...
Katraj ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready For S...
 
Hire↠Young Call Girls in Tilak nagar (Delhi) ☎️ 9205541914 ☎️ Independent Esc...
Hire↠Young Call Girls in Tilak nagar (Delhi) ☎️ 9205541914 ☎️ Independent Esc...Hire↠Young Call Girls in Tilak nagar (Delhi) ☎️ 9205541914 ☎️ Independent Esc...
Hire↠Young Call Girls in Tilak nagar (Delhi) ☎️ 9205541914 ☎️ Independent Esc...
 
Call Girls Sangvi Call Me 7737669865 Budget Friendly No Advance BookingCall G...
Call Girls Sangvi Call Me 7737669865 Budget Friendly No Advance BookingCall G...Call Girls Sangvi Call Me 7737669865 Budget Friendly No Advance BookingCall G...
Call Girls Sangvi Call Me 7737669865 Budget Friendly No Advance BookingCall G...
 
Pirangut | Call Girls Pune Phone No 8005736733 Elite Escort Service Available...
Pirangut | Call Girls Pune Phone No 8005736733 Elite Escort Service Available...Pirangut | Call Girls Pune Phone No 8005736733 Elite Escort Service Available...
Pirangut | Call Girls Pune Phone No 8005736733 Elite Escort Service Available...
 
APNIC Policy Roundup, presented by Sunny Chendi at the 5th ICANN APAC-TWNIC E...
APNIC Policy Roundup, presented by Sunny Chendi at the 5th ICANN APAC-TWNIC E...APNIC Policy Roundup, presented by Sunny Chendi at the 5th ICANN APAC-TWNIC E...
APNIC Policy Roundup, presented by Sunny Chendi at the 5th ICANN APAC-TWNIC E...
 
pdfcoffee.com_business-ethics-q3m7-pdf-free.pdf
pdfcoffee.com_business-ethics-q3m7-pdf-free.pdfpdfcoffee.com_business-ethics-q3m7-pdf-free.pdf
pdfcoffee.com_business-ethics-q3m7-pdf-free.pdf
 
2nd Solid Symposium: Solid Pods vs Personal Knowledge Graphs
2nd Solid Symposium: Solid Pods vs Personal Knowledge Graphs2nd Solid Symposium: Solid Pods vs Personal Knowledge Graphs
2nd Solid Symposium: Solid Pods vs Personal Knowledge Graphs
 
20240507 QFM013 Machine Intelligence Reading List April 2024.pdf
20240507 QFM013 Machine Intelligence Reading List April 2024.pdf20240507 QFM013 Machine Intelligence Reading List April 2024.pdf
20240507 QFM013 Machine Intelligence Reading List April 2024.pdf
 
6.High Profile Call Girls In Punjab +919053900678 Punjab Call GirlHigh Profil...
6.High Profile Call Girls In Punjab +919053900678 Punjab Call GirlHigh Profil...6.High Profile Call Girls In Punjab +919053900678 Punjab Call GirlHigh Profil...
6.High Profile Call Girls In Punjab +919053900678 Punjab Call GirlHigh Profil...
 
Sarola * Female Escorts Service in Pune | 8005736733 Independent Escorts & Da...
Sarola * Female Escorts Service in Pune | 8005736733 Independent Escorts & Da...Sarola * Female Escorts Service in Pune | 8005736733 Independent Escorts & Da...
Sarola * Female Escorts Service in Pune | 8005736733 Independent Escorts & Da...
 
20240509 QFM015 Engineering Leadership Reading List April 2024.pdf
20240509 QFM015 Engineering Leadership Reading List April 2024.pdf20240509 QFM015 Engineering Leadership Reading List April 2024.pdf
20240509 QFM015 Engineering Leadership Reading List April 2024.pdf
 
VVIP Pune Call Girls Sinhagad WhatSapp Number 8005736733 With Elite Staff And...
VVIP Pune Call Girls Sinhagad WhatSapp Number 8005736733 With Elite Staff And...VVIP Pune Call Girls Sinhagad WhatSapp Number 8005736733 With Elite Staff And...
VVIP Pune Call Girls Sinhagad WhatSapp Number 8005736733 With Elite Staff And...
 
Lucknow ❤CALL GIRL 88759*99948 ❤CALL GIRLS IN Lucknow ESCORT SERVICE❤CALL GIRL
Lucknow ❤CALL GIRL 88759*99948 ❤CALL GIRLS IN Lucknow ESCORT SERVICE❤CALL GIRLLucknow ❤CALL GIRL 88759*99948 ❤CALL GIRLS IN Lucknow ESCORT SERVICE❤CALL GIRL
Lucknow ❤CALL GIRL 88759*99948 ❤CALL GIRLS IN Lucknow ESCORT SERVICE❤CALL GIRL
 

HTTPS and HTTP/2

  • 1. HTTPS & HTTP/2 M a t t h e w W a l ke r A u g u s t 20 1 6
  • 2.
  • 4. Unlock new browser features Small PageRank boost HTTP/2
  • 5. Geolocation HTTP/2 getUserMedia() Push notifications Device motion / orientation Encrypted media extensions AppCache Deprecating Non-Secure HTTP, Mozilla Security Blog, 20 April 2015. https://blog.mozilla.org/security/2015/04/30/deprecating-non-secure-http/ Deprecating Powerful Features on Insecure Origins,The Chromium Projects https://www.chromium.org/Home/chromium-security/deprecating-powerful-features-on-insecure-origins
  • 6. Past • Hard to set up • Expensive • Only for ecommerce   
  • 7. Present • Relatively easy to set up • Certs start at $0 • All websites, all pages   
  • 8. Future All HTTP sites will be specifically marked as insecure! Marking HTTP As Non-Secure https://www.chromium.org/Home/chromium-security/marking-http-as-non-secure
  • 9. The new normal “Google estimates 25% of sites now use secure connections. Google will work with some of the non-secure top 100 sites on the web to help them migrate to HTTPS.” -- March 2016 http://marketingland.com/google-estimates-25-sites-now-use- secure-connections-168763
  • 10.
  • 11. • 301 redirects must be done right • Dedicated IP means small hosting cost bump • HTTPS over HTTP/1.1 is marginally slower • One more thing to set up and pay for / screw up
  • 12. HTTPS migrations lose PageRank (?) 301 redirects result in around a 15% loss of PageRank No PageRank loss redirect HTTP -> HTTPS 301 Redirects Rules Change: WhatYou Need to Know for SEO, Moz Blog, 1 August 2016. https://moz.com/blog/301-redirection-rules-for-seo  
  • 13.
  • 14. Set up your dev environment for certs One time setup sudo a2enmod ssl sudo a2enmod headers sudo vim /etc/apache2/apache2.conf And add NameVirtualHost *:443 near the bottom. sudo service apache2 restart sudo mkdir /etc/apache2/ssl
  • 15. Self-signed certs Create a cert sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 - keyout /etc/apache2/ssl/[newsite].key -out /etc/apache2/ssl/[newsite].crt [note fill common name in with the domain] cd /etc/apache2/sites-available sudo vim [newsite] Duplicate the entireVirtualHost block and label as <VirtualHost *:443> Put this at the bottom SSLEngine on SSLCertificateFile /etc/apache2/ssl/[newsite].crt SSLCertificateKeyFile /etc/apache2/ssl/[newsite].key
  • 17.
  • 18. Secure all the things. Every page. Every resource.
  • 19. Phase 1  Search for http://  //  Check canonical links have full https:// url  Check your sitemap and robots.txt  New property in Google Search Console
  • 21. UseTLS 1.0 / 1.1 / 1.2 only: Test your setup https://www.ssllabs.com/ssltest/index.html How to disable SSL: https://www.digicert.com/ssl-support/apache- disabling-ssl-v3.htm
  • 22. Phase 2  301 redirects http  https
  • 23. HTTP  HTTPS RewriteEngine On RewriteCond %{HTTPS} off RewriteRule . https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301] . is a regular expression, but we just want to match anything L flag: stop processing further rules R flag: redirect
  • 24. If you already have domain name redirects…. RewriteEngine On # Redirect to canonical RewriteCond %{HTTP_HOST} ^domain.com$ [NC] RewriteRule . https://canonical.com%{REQUEST_URI} [L,R=301] # Redirect to HTTPS RewriteCond %{HTTPS} off RewriteRule . https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301] NC flag: case-insensitive
  • 25. Secure your cookies: <ifModule mod_headers.c> Header always edit Set-Cookie (.*) "$1; HTTPOnly; Secure" </ifModule> HTTPOnly option locks out JavaScript. Secure refuses cookie over HTTP
  • 26. HTTPS link to HTTP loses referrer by default <meta name="referrer" content="origin-when-crossorigin"> The Meta ReferrerTag: An Advancement for SEO and the Internet. https://moz.com/blog/meta-referrer-tag
  • 27. Phase 3  HSTS saves a round trip  HTTP/2 via a CDN
  • 28.
  • 29. HSTS -- not done lightly! <ifModule mod_headers.c> Header set Strict-Transport-Security "max- age=31536000; includeSubDomains" env=HTTPS </ifModule>
  • 30. • https://www.httpvshttps.com/ • HTTPS unlocks HTTP/2 • 70% of websites using HTTP/2 are served via CloudFlare • https://www.cloudflare.com/http2/ • Why Everyone Should Be MovingTo HTTP/2 http://searchengineland.com/everyone- moving-http2-236716
  • 32. If you have https redirects, don’t use flexible!
  • 33. HTTP/1.1 optimisations you don’t need anymore • Domain sharding • Image sprites • Combined CSS and JS files
  • 34. What aboutTTFB? “I heard that the HTTP/2 TTFB (Time to First Byte) which is a measured metric in SEO and FEO, is sometimes see higher than HTTP/1.1. What can be done to again have the TTFB measure be seen as on-par with HTTP/1.1?” CatchpointAMA on HTTP/2 with staff from Google,Akamai, CloudFlare, Catchpoint http://pages.catchpoint.com/HTTP2-AMA-Registration.html “I think that's a very good and important point. TTFB is important as a metric. If you can make it faster, do so. That's just a good thing to optimize. You're right in that just watching the TTFB is not indicative of when the content is painted to the screen, which is ultimately what the user cares about. Not when they receive the first byte, but when is the text showing up on the screen? I can show you plenty of traces where I can see that, even if I compare the unencrypted version with encrypted over HTTP/2, the time to first byte may be slower, but the page renders faster, because we're able to leverage other features in HTTP/2 to fetch other things faster, maybe using server push, so we don't have to do extra round trips. One metric regresses, but the metric that you care about actually improves.” -- Ilya Grigorik, Google
  • 35. IsTLS FastYet? https://istlsfastyet.com/ Mythbusting HTTPS: Squashing security’s urban legends - Google I/O 2016 https://www.youtube.com/watch?v=YMfW1bfyGSY Mozilla SSL Configuration Generator Mozilla SSL ConfigurationGenerator https://mozilla.github.io/server-side-tls/ssl-config-generator/ evelopers HTTP/2 ForWeb Developers https://blog.cloudflare.com/http-2-for-web-developers/ 7Tips for Faster HTTP/2 Performance https://www.nginx.com/blog/7-tips-for-faster-http2-performance/ Secure browsing by default https://www.facebook.com/notes/facebook-engineering/secure-browsing-by- default/10151590414803920/ Websites Must Use HSTS in Order to Be Secure https://www.eff.org/deeplinks/2014/02/websites-hsts