Blog

Blog > Security

Announcing the section.io Partner Program

Pete Jordan | December 01, 2016 | Performance, Security, Culture

section.io works with digital agencies, development shops, and hosting services to improve website performance and security

Read More

Debugging a secure website

Jason Stangroome | November 28, 2016 | Security

How to Debug an HTTPS Website As the Internet evolves with an ever increasing demand for security, websites are taking a full-HTTPS approach combined with additional features like Strict Transport Security (HSTS) and Public Key Pinning (HPKP). Websites adopting HTTP/2 for its performance benefits are also required to use HTTPS everywhere.

Read More

Free YXORP

Stewart McGrath | November 16, 2016 | Caching, Security, CDNs 101

This week, section.io is at the DeFrag Conference in Broomfield, Colorado, a technology conference that focuses on those at the core of every technology company: developers. section.io was founded by developers, for developers, and was built out of a frustration with the way Content Delivery Networks make it difficult for developers to easily drive and test the performance and security tools CDNs offer. At DeFrag we are launching our “Free YXORP” campaign, a movement to unleash the power of reverse proxies, which have long been held captive by Content Delivery Networks.

Read More

How to Be Ready for a Magento Security Incident

Jason Stangroome | November 14, 2016 | Magento, Security

A few weeks ago Magento published a very helpful article to their Security Center outlining the steps to follow after suffering a malware attack on your Magento site. It is a great resource to save away in case you ever find yourself in this situation, however, it is also beneficial to understand what exactly is involved so you can prepare now.

Read More

The section.io eBook on Optimizing your Magento Site for Performance

Roxana Elliott | October 04, 2016 | Magento, E-commerce, Performance, Security

Improve your ecommerce site with our eBook on performance and scalability for Magento In September we became a Magento Select Technology Partner, and for the past few weeks we’ve been hard at work compiling all our Magento knowledge so that merchants who want to improve their Magento site speed and scalability, get information on hosting for Magento, read about Magento cache options and more have a singular resource to turn to.

Read More

Web pages without HTTPS will be labelled insecure

Jason Stangroome | September 27, 2016 | Security

In case you missed it: Chrome to mark non-HTTPS pages insecure Google recently announced that in version 56 of their Chrome browser (expected in about 3 months) will change the address bar to clearly label websites served without HTTPS as “not secure” if the page contains a password or credit card input field.

Read More

section.io Introduces Community Forum

Stewart McGrath | September 22, 2016 | Performance, Security, CDNs 101

We’re pleased the introduce the section.io Community Forum, where section.io users and those looking for information about Content Delivery Networks, Varnish Cache, and general website performance and security enhancements can post and answer questions. Anyone can read questions by others on the Community Forum, and to ask your own questions sign up for a free section.io account.

Read More

Introducing Multiple SSL Certificates on section.io

Melissa Kilbourne | September 14, 2016 | Security

We’re pleased to annouce that section.io now supports multiple free SSL certificates if your website application uses multiple domains. The section.io platform can now create, manage, and renew a free SSL certificate for all the domains that use one section.io configuration, so you don’t have to worry about your SSL certificate expiring and your website becoming more vulnerable to attacks.

Read More

Varnish WAF Options

Daniel Bartholomew | September 07, 2016 | Varnish Cache, Security

It’s common that a modern web site will want the advantages of Varnish’s excellent programming model in tandem with a WAF.

Read More

Ensuring Your SSL Certificate is Setup on Magento

Stewart McGrath | August 30, 2016 | CDNs 101, Security, Magento

A Study of how Magento Websites use SSL for HTTPS Recently, section.io studied a random sample of around 330 websites running on Magento Enterprise, the leading eCommerce solution for large businesses.

Read More

The cost of HTTP 404 Page Not Found

Jason Stangroome | August 26, 2016 | Caching, Security, Performance, Varnish Cache

Reducing 404 error pages on your website Do you know how many resources are consumed by your origin web servers to determine that a requested URL is non-existent and render the Not Found response page? Many site owners cannot answer this question, and most of the time this is fine because a well-managed site will rarely need to serve a 404 under normal conditions.

Read More

Quick Analysis of ABS Census Outage

Stewart McGrath | August 09, 2016 | Security, Performance, Caching

As we know, millions of Australians have not been able to lodge their Census online as the ABS Census site is offline.

Read More

Announcing free hosted DNS

Melissa Kilbourne | June 22, 2016 | CDNs 101, Security, Performance

We have recently released two new features that make it easier to utilize section.io’s CDN for your website. There are two requirements to start serving traffic over section.io:

Read More

Announcing free Automated HTTPS Certificates

Melissa Kilbourne | June 22, 2016 | Security

We have recently released two new features that make it easier to utilize section.io’s CDN for your website. There are two requirements to start serving traffic over section.io:

Read More

Canonical bare domains and cookies

Jason Stangroome | June 21, 2016 | Varnish Cache, Caching, Security

Suppose you bought the domain name “example.com” for your website. Will your visitors enter www.example.com or just the bare domain example.com in their browser’s address bar to access your site?

Read More

Cross-site request forgery and caching

Jason Stangroome | June 13, 2016 | Caching, Security

As summarised by OWASP, Cross-Site Request Forgery (CSRF) is “an attack that forces an end user to execute unwanted actions on a web application in which they’re currently authenticated”.

Read More

A little help improving your website's transport security

Jason Stangroome | May 09, 2016 | Security

Ivan Ristic of Qualys blogged last year about a TLS Maturity Model, citing that “over time, … deploying TLS securely is getting more complicated, rather than less”.

Read More

ModSecurity for DDOS Attacks

Daniel Bartholomew | April 24, 2016 | Security

DDOS attacks come in many styles and target various layers of a system. It is increasingly common to see attacks targeted at Layer 7, where a surge of HTTP requests is made to your site.

Read More

Vanity Tracker Domain HTTPS with Pardot & Salesforce

Elijah Glover | April 15, 2016 | Marketing, Security

Most astute companies are using marketing automation software to help streamline their marketing message and increase sales results. Security and performance typically aren’t your first thoughts when setting up such systems and configuring vanity tracker domains.

Read More
Blog Categories

Interested in articles about a specific topic? Click on a category to see all related content.

section.io Sign up

Want to get started improving your website performance, scalability, and security? Sign up for a 14 day free trial of section.io and see what we can do for you!

Get started