Tag: security

Web hosting models for software development agencies

Web hosting models for software development agencies

- - Articles

In order to choose a web hosting solution for a project, what criteria do you take into account? Prefer managed or unmanaged services? Shared or dedicated environments? In this article I explore the alternatives from the viewpoint of a web development agency and argue why a website per cloud server is our preferred option as of this writing.

Changelog 2018-10-08

Changelog 2018-10-08

- - Changelog

This week we’ve been doing a major update. We’ve deployed new features, bug fixes, and upgrades to our infrastructure. Here you can find a summary of user-facing changes.

Users

    • Server user management. You can create and delete server users from Moss. For each user you can also manage the associated SSH public keys. This means that public keys are not bound to servers any more, but to server users.
    • Custom user per website. You can leverage the aforementioned users to isolate the websites hosted on a same server between each other. Choose the user as you create the website in Moss or change the user afterwards.

Workers

    • Worker logs are now within folder /home/<site-user>/sites/<site-name>/logs/workers/
Why we love Cloudflare – and you will, too

Why we love Cloudflare – and you will, too

- - Articles

From time to time you find companies, products, or services you cannot help to fall in love with. As soon as you get used to them, you cannot imagine how you could work without them. Folks, no doubt Cloudflare is one of those.

Employed by over 10 million domains, chances are that you’re already using Cloudflare. But maybe you haven’t had the time to check everything they do to build a faster web and a more secure Internet. In this post I summarize some ways you can take advantage of their free plan to speed up and secure your websites.

Certificate Transparency for domain owners

Certificate Transparency for domain owners

- - Articles

Certificate Transparency (CT) provides a means to detect certificates that are mistakenly or maliciously issued by a Certification Authority (CA). As a domain owner, you should care about this for two different reasons: i) You can detect if an attacker is issuing certificates to impersonate your websites; and ii) browsers like Chrome and Safari mark your website as “insecure” if your certificate doesn’t comply with their CT policy.

Want to know the details? Please keep reading 🙂

Don’t miss a post! Subscribe to the Moss Blog