Published January 25th, 2010
Today we found out that one of the client sites had their precious hacker-safe badge dropped because the Web server that they were running was offering SSL v2 support.
So we decided to investigate by running:
$ openssl s_client –ssl2 –connect www.clienthostname.com:443
We were able to connect! This confirmed that we had SSL v2 enabled Apache, which is [...]
Published December 4th, 2008
How to disable SSL v2 support in Apache and upgrade to SSL v3 for better SSL security.
Published November 28th, 2008
Problem Statement
Google penalizes Web sites that have duplicate contents. A site that runs on both HTTP and HTTPS mode has a good chance of getting penalized for duplicate contents if the site can be browsed in both mode. The googlebot simply has a possiblity of indexing both HTTP and HTTPS pages and thus creating a [...]
