Chrome 68 due in July 2018, will start labeling plain websites on HTTP as insecure. Google is saying that 68 percent of Chrome traffic now is secure. Getting certificates used to be an expensive proposition, but you can now get secure certificates for close to zero cost. If you’re site is still insecure, consider switching to HTTPS and getting a certificate.
Twitter recently has turned on Hypertext Transfer Protocol Secure (HTTPS) by default to users who are logged in to Twitter.com. Once users are authenticated, they will be able to see the familiar HTTPS and an image of a secured lock (on Chrome) next to it in the browser’s address bar.
HTTPS provides encrypted communication and secure identification of network web servers. Encryption has been used for many years by payment processors, banks, and many other websites. It uses the TLS/SSL protocols to authenticate web servers. HTTPS uses port 443 by default, as opposed to port 80 for the standard HTTP.
The standard HTTP protocol is not secure and is subject to eavesdropping attacks, thereby letting attackers gain access to website accounts and sensitive information. To secure a website, administrators issue a public key certificate assigned by a trusted certificate authority.
By turning on HTTPS by default, Twitter is forcing users to use secure communication when logged in to Twitter.com. This is a positive move towards securing Twitter.com. In addition, Twitter still encourages users to use strong passwords with at least 10 characters, using a combination of letters and numbers.
Twitter announced today that it is adding HTTPS to their service to make it more secure. Twitter users should be able to go their user’s setting and choose a box to always use HTTPS. Twitter says HTTPS is recommended for users who use public Wi-Fi where network connections are less secure.
HTTPS is a combination of HTML and SSL/TLS protocols. HTTPS are often used for payment and banking transactions on the web. HTTPS usually displays a locked key on some browsers, or a modified or certified address bar in some browsers.
Twitter hopes to have HTTPS as the standard setting in the future.
This is good news for security conscious folks. GMail now comes with https set as default. From ZDNet:
A day after confirming a major security breach by Chinese hackers looking for GMail account information, Google has turned on default “https:” access for its popular Web mail service.
At least you can also count on the Chinese hackers to force securities measures to be put up.
This is a tutorial how to install a Subversion on your desktop. Subversion is an open-source revision control system. A repository is usually installed on servers so developers and programmers can have easy access to code. Subversion uses a check-in an check-out process for submitting changes to the repository. The repository can also be installed on desktop systems. Access is gained through many means by way of direct file access, ftp, http, svn and svn+ssh. See chart below.
Installing Subversion will install both Subversion administration tools and the client. In Ubuntu or Debian-based systems, you can install Subversion by performing the following commands. By the way, I added an Apache and Subversion WebDav module so both can be installed with just a single command.
sudo apt-get install subversion libapache2-svn
Reboot the Apache Web Server
sudo /etc/init.d/apache2 restart
Create a Subversion Repository
svnadmin create /home/yourname/repository/
I’m placing the repository in my home directory. You can place it anywhere in your system. You may need to use sudo if you install it outside of your home directory. Remember the repository location, we will use it a few times below to configure the Apache Subversion WebDav module, etc.
Import your Repository
svn import /path/to/import/directory file:///home/yourname/repository
If you have a repository ready, now is a good time to import it. If you are just starting out, you can initialize the Repository here.
Access to Subversion
|file://||Direct access on local disk|
|http://||Browser using http WebDav protocol|
|https://||Browser using https secure and WebDav|
|svn+ssh://||Subversion protocol and SSH tunnel|
Configure WebDav protocol
sudo vi /etc/apache2/apache2.conf
<Location /svn> DAV svn SVNPath /home/yourname/repository AuthType Basic AuthName "Repository" AuthUserFile /etc/subversion/passwd <LimitExcept GET PROPFIND OPTIONS REPORT> Require valid-user </LimitExcept> </Location>
Change Ownership to HTTP-User
sudo chown -R www-data:www-data /home/yourname/repository
Password Protect the Repository
sudo htpasswd -c /etc/subversion/passwd username
You will be asked to provide a password. Enter the password twice.
Reboot Apache Server
sudo /etc/init.d/apache2 restart
It’s probably a good idea to restart the Apache server one more time.
Next, open up your browser and access http://localhost/svn from the address bar. You will be asked for the username and password. You should see the repository and any content or directory underneath it. That’s it. Happy coding.