
Secure HTTP Redirection
Web servers should not perform Port 80 (HTTP) to Port 443 (HTTPS) redirections – leave that up to your WAF, Edge, or another isolated way.
Michael McKinnon – People | Technology | Cyber Security
People bring purpose, Technology is the tool, Life should be secure.
Web servers should not perform Port 80 (HTTP) to Port 443 (HTTPS) redirections – leave that up to your WAF, Edge, or another isolated way.
From time to time, I find myself needing to collect evidence against some of the bad guys on the Internet, including numerous scammers and other shady characters who sell fake or malicious software to innocent victims. It is an unbelievably tediou…
UPDATE: Since writing this, Microsoft have released URLScan 3.1 which you should be using -> http://www.iis.net/extensions/UrlScan If you’re not using URLScan Beta 3.0 then you’re just asking for trouble these days. There has been a recent ramp up…