How to Automatically Update Your JavaScript Dependencies (spa /clo )Jan 30, 2020 152 how-tos , javascript , dependencies , automation , processes What SSL Is, and Which Certificate Type Is Right for You Jan 29, 2020 151 ssl , certificates , privacy , concepts Usability and Security; Better Together (24w )Dec 22, 2019 150 usability , user-experience Server-Side Includes (SSI) Injection (owa )Dec 4, 2019 149 ssi How Internet Security Works: TLS, SSL, and CA (osd )Nov 18, 2019 148 tls , ssl , protocols , certificates Web Feature Developers Told to Dial Up Attention on Privacy and Security (rip /tec )Sep 11, 2019 147 w3c , privacy , web-platform Security and Privacy for Our Times (luk /w3c )Sep 11, 2019 146 privacy , web-platform CSS Security Vulnerabilities (chr /css )Sep 9, 2019 145 css , privacy , vulnerabilities Understanding Subresource Integrity (dre /sma )Apr 9, 2019 144 hashing , embed-code W3C Strategic Highlights: Web for All (Security, Privacy, Identity) (w3c )Mar 18, 2019 143 w3c , privacy , authentication Guide to Web Authentication Jan 24, 2019 142 websites , authentication , webauthn , javascript It’s Beginning to Look a Lot Like XSSmas (24w )Dec 17, 2018 141 vulnerabilities , csrf , xss Protecting Your Site With Feature Policy (rac /sma )Dec 12, 2018 140 http-headers , http AWS Security Guide: 7 Best Practices to Avoid Security Risks Oct 31, 2018 139 guides , aws , best-practices WebAuthn, FIDO2 Infuse Browsers, Platforms With Strong Authentication (dar )Sep 19, 2018 138 w3c , fido , authentication , webauthn , browsers In Your Face, Passwords: Big Three Browsers All Adopt Authentication API Aug 1, 2018 137 authentication , webauthn , apis , edge , microsoft , chrome , google , firefox , mozilla , browsers HTTPS Is Easy (tro )Jun 27, 2018 136 websites , http WordPress Security as a Process (sma )Jun 21, 2018 135 wordpress , processes Making Your Website Faster and Safer With Cloudflare Jun 12, 2018 134 performance , caching , cloudflare Validating Dependencies in the Project With npm-check and depcheck Jun 1, 2018 133 dependencies , maintenance , auditing , tooling , npm Third Party CSS Is Not Safe (jaf )Feb 27, 2018 132 html , css , embed-code Attackers Can Steal Sensitive Data by Abusing CSS—CSS Exfil Vulnerability Feb 7, 2018 131 css , csp Building Secure JavaScript Applications Jan 18, 2018 130 javascript , xss , csrf , json-web-tokens , passwords Creating Secure Password Resets With JSON Web Tokens (sma )Nov 9, 2017 129 passwords , json-web-tokens , nodejs The Complete Guide to Switching From HTTP to HTTPS (sma )Jun 12, 2017 128 guides , http How (Not) to Control Your CDN (mno )Jun 7, 2017 127 content-delivery , caching , http How to Secure WordPress With SSL May 10, 2017 126 how-tos , wordpress , ssl Encrypting IP Addresses (ber )May 7, 2017 125 ip , network , privacy , encryption How to Secure Your Web App With HTTP Headers (sma )Apr 3, 2017 124 how-tos , web-apps , http , http-headers , csp Just Another HTTPS Nudge (chr /css )Mar 3, 2017 123 http On EME in HTML5 (tim /w3c )Feb 28, 2017 122 eme , drm , html , legal , standards , w3c Using SSH Securely (ann )Jan 24, 2017 121 ssh More Than 300 Federal Gov Websites Fail to Meet Domain Encryption Deadline Jan 4, 2017 120 http , tls , protocols , encryption Content Security Policy Level 2 (mik +/w3c )Dec 15, 2016 119 standards , csp Content Security Policy, Your Future Best Friend (sma )Sep 12, 2016 118 csp , link-lists A Refined Content Security Policy (web )Aug 5, 2016 117 html , csp , webkit , safari , apple , browsers The Performance Benefits of “rel=noopener” (jaf )Jul 21, 2016 116 html , links , performance Web Platform Security Boundaries (ann )Jun 24, 2016 115 web-platform Subresource Integrity (dev +/w3c )Jun 23, 2016 114 hashing , html , standards W3C Looks to Secure the Web (sdt )Feb 17, 2016 113 w3c , authentication Distribution Packages Considered Insecure Feb 13, 2016 112 dependencies , unix-like The Current State of Web Security (An Interview With Anselm Hannemann) (hel +/css )Jan 18, 2016 111 interviews , http , ssl , tls , encryption , cloudflare Eliminating Known Vulnerabilities With Snyk (sma )Jan 13, 2016 110 vulnerabilities , tooling 10 Web Predictions for 2016 (cra )Jan 6, 2016 109 web , outlooks , site-generators , browsers , css , mobile , performance , webassembly , seo HSTS and “Let’s Encrypt” (tka )Jan 4, 2016 108 http , http-headers , ssl An in-Depth Look at CORS Dec 17, 2015 107 cors , javascript , php Why Passwordless Authentication Works (cra )Nov 10, 2015 106 authentication , passwords Introduction to TLS and SSL (ope )Aug 22, 2015 105 introductions , tls , ssl , protocols , certificates A Simple Developer Error Is Exposing Private Information on Thousands of Websites (owe )Jul 27, 2015 104 version-control , git , mistakes , vulnerabilities More Tips to Further Secure WordPress (eli )Jul 9, 2015 103 wordpress , tips-and-tricks , plugins Improving Web Security With the Content Security Policy Jun 24, 2015 102 csp , http Deprecating HTTP (yoa )May 11, 2015 101 http , protocols Mozilla Wants to Deprecate Non-Secure HTTP, Will Make Proposals to W3C “Soon” (epr /ven )Apr 30, 2015 100 mozilla , http Want Fancy Firefox Features? Secure Your Website (sts /cne )Apr 14, 2015 99 firefox , mozilla , browsers , http WordPress Front End Security: CSRF and Nonces (css )Mar 24, 2015 98 wordpress , csrf Introduction to WordPress Front End Security: Escaping the Things (css )Mar 23, 2015 97 introductions , wordpress , escaping What Are the Security Risks of HTML5 Apps? Mar 18, 2015 96 web-apps , sanitization Moving to HTTPS on WordPress (chr /css )Mar 6, 2015 95 wordpress , http Same-Origin Policy (ann )Feb 23, 2015 94 cors , web-platform Securing the Web (w3c )Jan 23, 2015 93 web-platform It’s Time to Encrypt the Entire Internet (kli /wir )Apr 17, 2014 92 web , http , ssl , encryption Cross-Origin Resource Sharing (ann /w3c )Jan 16, 2014 91 cors , standards Despite Automatic Updates, Old Browsers Are Still a Problem (edb /zdn )Jan 6, 2014 90 browsers , web-platform , chrome , google , firefox , mozilla , internet-explorer , microsoft , safari , apple Cross-Origin Resource Sharing on Track to Become a W3C Recommendation (sdt )Jan 3, 2014 89 w3c , cors , standards Bid to Kill CAPTCHA Security Test Gains Momentum Aug 5, 2013 88 captcha , accessibility We Should All Have Something to Hide Jun 12, 2013 87 privacy Mobile Website Security May 14, 2013 86 mobile , hosting , policies WordPress Security Tips Apr 17, 2013 85 wordpress , tips-and-tricks Brad Hill: “HTML5 Security Realities” (chr /css )Feb 22, 2013 84 slides , xss , html Bulletproof Your Drupal Website Jan 21, 2013 83 drupal Top 10 PHP Security Vulnerabilities Oct 15, 2012 82 php , vulnerabilities A Front End Engineer’s Manifesto (zac )Aug 24, 2012 81 websites , manifestos , user-experience , progressive-enhancement , simplicity , foss , accessibility , community , learning A JavaScript Security Flaw Aug 9, 2012 80 javascript The Secure Programmer’s Pledge Jul 16, 2012 79 manifestos An Introduction to Content Security Policy (mik /dev )Jun 15, 2012 78 introductions , csp Cross-Site Scripting Attacks (XSS) Apr 30, 2012 77 xss , examples How to Secure Your WordPress Website (sma )Nov 10, 2011 76 how-tos , wordpress , link-lists Using CORS (dev )Oct 26, 2011 75 cors XML Encryption Flaw Leaves Web Services Vulnerable (eur )Oct 24, 2011 74 web-services , xml , encryption Some Notes on the Recent XML Encryption Attack (w3c )Oct 24, 2011 73 xml , encryption HTTPS Is More Secure, So Why Isn’t the Web Using It? (ars )Mar 20, 2011 72 http , protocols , web Web Cryptography: Salted Hash and Other Tasty Dishes (ali )Feb 22, 2011 71 cryptography What Are the JSON Security Concerns in Web Development? (sim )Jan 6, 2011 70 json What Is Cross Site Scripting or XSS? (chr /css )Nov 19, 2010 69 xss , javascript , concepts Web Developers Accountable for HTML 5 Security Oct 5, 2010 68 html HTML5 Raises New Security Issues Aug 20, 2010 67 html , browsers 10 Useful WordPress Security Tweaks (sma )Jul 1, 2010 66 wordpress Web Security: Are You Part of the Problem? (cod /sma )Jan 14, 2010 65 vulnerabilities , php , javascript The Internet Is Closing to Innovation (zit /new )Nov 28, 2008 64 web You Could Be Getting Clickjacked (tec )Nov 21, 2008 63 vulnerabilities , frames , w3c Dumb Security Tips: Think Before You Follow Online Guides (tan )Oct 26, 2008 62 tips-and-tricks Internet Explorer 8 Promises Better Standards Compliance… and a Whole Lot More (est /cio )Mar 6, 2008 61 internet-explorer , microsoft , browsers , standards JavaScript Security Experiments (mar )Feb 7, 2007 60 javascript , experiments DOM vs. Web (mno )Apr 20, 2006 59 http , dom Top 7 PHP Security Blunders Dec 21, 2005 58 php , databases , sql Validate Your Input! May 9, 2005 57 validation JavaScript Security Oct 4, 2004 56 javascript File Upload Security (lac )Sep 8, 2004 55 html , file-handling Spot the Security Hole Jul 3, 2004 54 php JavaScript and Security (sim )Apr 19, 2004 53 javascript Handling Content From Strangers Mar 26, 2004 52 content Web Services Security Gets Serious Apr 23, 2003 51 web-services Getting Started With XML Security Nov 28, 2002 50 introductions , xml Sorting Out the Web Services Security Landscape (tec )Aug 28, 2002 49 web-services , ssl , w3c SSL Checker (EXPERTE.com) 48 tools , analysis , ssl , certificates ASCII to Unicode Encoder and Decoder 47 tools , exploration , conversion , unicode , encoding security.txt Generator 46 tools , exploration , content WebRTC and IP Address Leak Checker 45 tools , exploration , network , webrtc , ip , protocols Website Headers Analyzer (Dries Buytaert) (dri )44 tools , analysis , http , http-headers User Identity Generator 43 tools , exploration , placeholders , randomness Subresource Integrity Hash Generator (moz )42 tools , exploration , hashing SSL Client Checker 41 tools , exploration , ssl , tls SPF Record Generator 40 tools , exploration , dns , domains SHA-512 Hash Generator 39 tools , exploration , hashing Security Leak Victim Checker 38 tools , exploration Password Security Checker 37 tools , exploration , passwords Password Security Checker and Generator 36 tools , exploration , passwords Password Generator (Gibson Research Corporation) 35 tools , exploration , passwords Password Generator (Frontend Dogma) (fro )34 tools , exploration , frontend-dogma , passwords Password Generator (Arantius.com) 33 tools , exploration , passwords MD5 Hash Generator 32 tools , exploration , hashing HMAC Checker 31 tools , exploration Hash Generator 30 tools , exploration , hashing Executable File Analyzer 29 tools , exploration Device Vulnerability Checker 28 tools , exploration , vulnerabilities CSR Decoder 27 tools , exploration “chmod” Calculator 26 tools , exploration , permissions Browser Fingerprint Checker 25 tools , exploration , browsers Blowfish Hash Generator 24 tools , exploration , hashing AES Encrypter and Decrypter 23 tools , exploration , encryption Website Security Checker (Norton) 22 tools , analysis Website Security Checker (Google) 21 tools , analysis Website Scam Checker 20 tools , analysis Website Headers Analyzer (Security Headers) 19 tools , analysis , http , http-headers Website Headers Analyzer (Mozilla) (moz )18 tools , analysis , http , http-headers Website Certificate Fingerprint Checker 17 tools , analysis , certificates Virus Scanner 16 tools , analysis SSL Checker (SSL Shopper) 15 tools , analysis , ssl , certificates SSL Checker (Qualys) 14 tools , analysis , ssl , certificates SPF Record Checker 13 tools , analysis , dns , domains Site and Origin Comparer 12 tools , analysis , comparisons Malware and Security Scanner 11 tools , analysis Email Blacklist Checker 10 tools , analysis , email Domain or IP Spam Checker 9 tools , analysis , domains DNSSEC Checker 8 tools , analysis , dns Cross-Site WebSocket Hijacking Tester 7 tools , analysis Cookie Use Checker 6 tools , analysis , cookies Content Security Policy Validator (Google) 5 tools , analysis , csp , conformance Content Security Policy Validator (CSP Validator) 4 tools , analysis , csp , conformance Abuse Contact Lookup 3 tools , analysis , policies Server Port Scanner 2 tools , analysis , network , servers Website Experience Analyzer 1 tools , analysis , performance , user-experience