Does Sup Forums live up to its big mouth? Prove it here.
Practice what you preach
Nathaniel Roberts
Logan Collins
All the websites I run are pretty small so I don't care about compatibility. But I don't pin my certificates (I should enable CAA, though, but my Nameserver doesn't support it) because I don't trust myself to prevent a catastrophic fuckup.
Parker Diaz
That's just fine, user. I can afford exclusively using the stronger cipher suites and TLS 1.2 only, but if you serve a lot of customers you really have to make concessions, I get it. You're doing great. Are you using your own name servers or some third party's, btw?
Logan Walker
I got an f
Gabriel Robinson
Great stuff, sport.
Kevin Stewart
Are these yours?
Henry Thompson
Using cloudflare
Julian Ramirez
Not using cloudflare
Jace Allen
By the way, where can i get certificates for free?
Carson James
Let's Encrypt
Alexander Turner
Meh. I have a cert from LetsEncrypt, but it's hosted on a RPi that's piggybacked on my local coffeeshop's network.
They left the config pw on default so I opened some ports :^)
Oliver Cooper
Thanks
Justin Baker
Forgot pic
Juan Young
Just quickly got CAA set up in my zone file, but it was A+ before that.
Adam Hernandez
Those scores should be enough for an A+. What's capping you to an A?
Aiden Brooks
Don't have CAA set up, I think
Aaron Bell
CAA isn't necessary for an A+
Dominic Scott
I use AWS to host my site on S3.
They have a free SSL cert service that is quite nice, and you can attach the cert to a CloudFront instance which is their CDN service.
Of course it is easier to have everything on AWS like I am doing, but your Cloudfront can be a cdn/cache for any domain.
Jayden Garcia
My site setup this way got "A" on ssllabs.com for the ip4 hosts, and a warning apparently due to the ip6 hosts.
Got an F from mozilla for reasons in pic. I am using mostly default settings on cloudfront so I don't know if those issues can be fixed.
Mason Scott
...
Alexander Clark
>not needed since site contains no script tags
good for you user