Worried about the SSL transition from SHA-1 to SHA-2? We’ve got you covered!


Every internet user is familiar with the lock icon which comes with almost every website these days – this means that the website is secured by an SSL certificate which will guarantee that sensitive information sent across the Internet is encrypted.

We all know how vital security is in the online world, but how does the SSL manage to encrypt all of this information so that it won’t get in the wrong hands?

Well, the answer is the hashing algorithm – an important feature of the public-key encryption which is used to encrypt the communication between a server and a browser. It’s really important to keep up with it and use the latest version to make sure your website is protected. Here at Layershift, this is our main purpose: to ensure that your website and business are protected and up to date – so we followed the evolution of the hashing algorithm and pro-actively updated the certificates issued via ourselves to use the latest version.

Read more…

Is it safe to use SSL SNI in production?

Thanks to SNI technology you can now host multiple SSL certificates on a single IP address. But what is SNI? How does it work its magic? What are the disadvantages? Let’s take a closer look and decide together if you should use SNI for your production websites.

Two announcements that shook the Internet

Could the Internet be reaching its last days? Surely it could never happen? Ok, perhaps slightly melodramatic, but a few recent incidents clearly demonstrated the impact IPv4 address shortages are starting to have on everyday Internet operations.

One of the largest outages in Internet history recently shook the online community. Major Internet Services Providers like BT and Virgin in the UK and AT&T, Time Warner and Verizon in the US went down. It appears that these outages were all caused by growth of the BGP routing table – a knock-on impact of the increasing scarcity of available IPv4 addresses.

Our friends over at Microsoft Azure also had their own problems when they ran out of spare IPv4 addresses earlier this year.

Add to that the fact that Google have started giving a ranking boost to secure https/SSL sites, and intends to accelerate the prominence of this factor in future. So Google are at it again – shaping the lives of SEO experts and their clients the world over. This time there’s a catch due to the implications this has for excessive IPv4 address consumption!

Read more…

OpenSSL vulnerability – Heartbleed Bug statement

You might think the Heartbleed bug is already history, but in recent days some of our customers have requested a public announcement due to the unprecedented media profile of this particular security vulnerability.

Whilst the media are (rightly, to an extent) making a lot of noise about this bug and its significance to the Internet population at large, the truth is we as sysadmins haven’t treated this security threat any differently to any other.

heartbleedThere are lots of important security vulnerabilities uncovered which have the potential to give an attacker full access to your server (arguably more serious than this case) – so we patch and workaround security vulnerabilities on an almost daily basis as part of our fully managed service. There is simply no reason or benefit to announce each and every one of these – our customers use our service to stay focused on their business rather than technical details like these.

Our expert technical team are always there in the background, performing server tune-ups to ensure that the configuration is optimal and secure at all times, so that you don’t have to.

If you somehow managed to miss the media coverage and the myriad of announcements and emails in your inbox about the Heartbleed bug, you can find more details regarding this vulnerability alert issued by the OpenSSL group on April 7, 2014: http://heartbleed.com/

Read more…

SSL Certificates Explained

SSL is an acronym for Secure Sockets Layer, an encryption technology used to protect sensitive information passed between a web server and a web browser. An SSL certificate provides the encryption keys used during the communication – think of it like a secret password needed to decode the data transmitted between your computer and the specific server you’re talking to.

SSL certificates

Even if other Internet users or servers “eavesdrop” on your conversation, they cannot understand what you’re saying because it’s all in a secret code only known to you and the server you’re speaking to.

“S” stands for secure

The ease of shopping and comparing products and prices online makes it an attractive option for many shoppers. But how can you make sure your transactions are safe and your credit card information is going only where you intend it to?

The first thing you should check when purchasing on the Internet (or entering any sensitive information – even login details) should be to look for the “S” in the website address bar. If the address starts with “https” you are on a secure site.

This “S” from “https” gives superpowers to a web page. It means that there’s an SSL certificate which will guarantee that the information you enter (e.g. your personal details or credit card information) is encrypted before transmission from your computer to the Internet. As a customer, that’s all that should interest you.

Read more…