An Introduction to Web Security

Kevin  Hernández

@kevinah95

·

Kevin Hernández

Programming Artist

​@kevinah95

What is Web Security?

What is HTTP?

The HTTP authentication framework does not define a single mechanism for maintaining the confidentiality of credentials; instead, each authentication scheme defines how the credentials are encoded prior to transmission.

Hypertext Transfer Protocol (HTTP/1.1): Authentication — RFC7235

What is HTTPS and Why Is It Important?

HTTPS protects the integrity of your website

HTTPS protects the privacy and security of your users

HTTPS is the future of the web

HTTP/2

All requests are downloaded in parallel, not in a queue

HTTP headers are compressed

Pages transfer as a binary, not as a text file, which is more efficient

Servers can “push” data even without the user’s request, which improves speed for users with high latency

The Magic Behind HTTPS

— by Sebastián Peyrott (OAuth Blog)

Referencias

• Nginx configuration to enable https
• What is HTTP/2
• SSL Server Test