In the previous installment of this series, I demonstrated how to configure cron, outgoing email and automatic updates. In this post I will show you how to configure SSL and SPDY. SSL (Secure Sockets Layer) SSL is a security technology for encrypting data between a server (website) and a client (web browser). This ensures that all data sent between the client and the server is encrypted, and that only the intended recipient can decrypt it. Without SSL any data transmitted will be sent in plain text, allowing anyone who is eavesdropping to read the information. Although the term SSL is used for securing a website, the actual SSL protocols are now considered obsolete and insecure, partially due to the disclosure of the POODLE attack. Instead this article will implement the TLS (Transport Layer Security) protocol which is the successor to SSL. Throughout the remainder of this article SSL and TLS will be used interchangeably, except when demonstrating server configurations. When to use SSL Although the majority of data transmitted between a website and a web browser isn’t sensitive, there are exceptions, the most obvious being credit card information. If you’re running an ecommerce site
Share This