Does Sup Forums live up to its big mouth? Prove it here.
Practice what you preach
All the websites I run are pretty small so I don't care about compatibility. But I don't pin my certificates (I should enable CAA, though, but my Nameserver doesn't support it) because I don't trust myself to prevent a catastrophic fuckup.
That's just fine, user. I can afford exclusively using the stronger cipher suites and TLS 1.2 only, but if you serve a lot of customers you really have to make concessions, I get it. You're doing great. Are you using your own name servers or some third party's, btw?
I got an f
Great stuff, sport.
Are these yours?
Using cloudflare
Not using cloudflare
By the way, where can i get certificates for free?
Let's Encrypt
Meh. I have a cert from LetsEncrypt, but it's hosted on a RPi that's piggybacked on my local coffeeshop's network.
They left the config pw on default so I opened some ports :^)
Thanks
Forgot pic
Just quickly got CAA set up in my zone file, but it was A+ before that.
Those scores should be enough for an A+. What's capping you to an A?
Don't have CAA set up, I think
CAA isn't necessary for an A+
I use AWS to host my site on S3.
They have a free SSL cert service that is quite nice, and you can attach the cert to a CloudFront instance which is their CDN service.
Of course it is easier to have everything on AWS like I am doing, but your Cloudfront can be a cdn/cache for any domain.
My site setup this way got "A" on ssllabs.com for the ip4 hosts, and a warning apparently due to the ip6 hosts.
Got an F from mozilla for reasons in pic. I am using mostly default settings on cloudfront so I don't know if those issues can be fixed.
...
>not needed since site contains no script tags
good for you user