Calvin.My

Check signature of Android APK

Guide Android Security SDK

Posted by Calvin Chieng on July 10, 2019, 14:38

Adding CORS header for specific domains in Nginx

Snippet Nginx Config Security

Posted by Calvin Chieng on June 27, 2019, 15:58

How to set CAA DNS record?

To hint SSL CA if they are authorized to issue a cert for this domain

Guide Security SSL DNS

Posted by Calvin Chieng on March 21, 2018, 17:48

Implement and Verify Certificate Pinning in Android

With Android Nougat Security Config and Retrofit

Guide Android Security Retrofit SSL

Posted by Calvin Chieng on July 28, 2017, 20:27

TLS SSL protocols and cipher suites

Provide the correct cipher suites with the correct protocols for smooth and secure HTTPS experience.

Article SSL Security TLS

Posted by Calvin Chieng on September 17, 2016, 16:41

Protect email address displayed on your page

To prevent email harvesters from obtaining them easily

Article Security Email

Posted by Calvin Chieng on September 3, 2016, 23:22

SPF validation for your mail server

Add SPF entry in your DNS records to authorize a mail server

Snippet Email SEO Security DNS

Posted by Calvin Chieng on August 29, 2016, 21:52

Censoring data in rails log files

Log files should be free of sensitive information

Guide Rails Logging Security

Posted by Calvin Chieng on August 29, 2016, 19:06

Hiding server identity and signature for Nginx and Passenger

Usually you do not want to expose what server you are using and its version number.

Snippet Security Nginx Passenger

Posted by Calvin Chieng on August 22, 2016, 13:14

Blocking malicious crawler in nginx

To stay safe and reduce unnecessary bandwidth usage

Guide Security Nginx Crawler Blacklist

Posted by Calvin Chieng on August 18, 2016, 14:10

Using custom DH Param in Nginx

Avoid using nginx default dh param

Guide Security SSL Nginx DH Param

Posted by Calvin Chieng on August 18, 2016, 12:21