I have been following instructions from the SSL cert provider to get a cert setup for my domain. They gave me a command-line argument to run that created a .csr file and a .pem file. I provided the information from the CSR file and the cert was generated. I now have a .ca-bundle, .crt and…
I'm not really sure what this setting even does but it is flagged as being really dangerous. Why is it dangerous to have allow_url_include  on a webserver running PHP as the main language and how are you supposed to disable it?
Why is this considered a dangerous thing to have enabled on your system? This sounds to me like something that is quite useful. Why should i be careful about using this?
There are various reasons that you might want to force a website to use SSL. In general, if you have an SSL cert setup for your website, you should probably force all users to https even if the page doesn't contain sensitive data. In an ideal world, you would do this on the server side…
SHA 1 has been known to have many weaknesses for over 10 years and it's not at the point where it is possible to crack it if you have the resources. As of 2016, websites using SHA1 SSL certs will be penalized. Check your certificate with this tool. As of January 1, 2016, no publicly…