Anyone familiar with httpf?
Posted: Mon Apr 17, 2006 9:07 pm
What do you know about httpf? Are these supposed to be more secure or just faster sacrificing security?
TIA
Maverick
TIA
Maverick
Page 1 of 1
Posted: Mon Apr 17, 2006 9:32 pm
i know of http and https....not httpf...
Posted: Mon Apr 17, 2006 9:36 pm
httpF?!
Could you mean httpS?
Https is a secure HTTP protocol that uses SSL to encrypt data. It's a cheap way to encrypt your information sent over a web site. (Cheap meaning that it doesn't need a VPN or hardware to preform the encryption.) It uses up to 256-bit encryption to encrypt the 2-way data sent between the web server the client. But that's downgradable to what the client has on their browser. So you can opt to allow a 128-bit or lower client to connect to your site if you like.
It's drawback is that it requires a certificate authority to issue your domain an annual license to secure your web server. So, for example, if you wanted to secure http://www.campquake.net you would need to buy a certificate for that site. And if you wanted to secure server.campquake.net, that would require another certificate. I've found that http://www.thawte.com has good prices. But there was an open source SSL site trying to become a certificate of authority issuer for free. I haven't checked if that has become a valid alternative yet.
Could you mean httpS?
Https is a secure HTTP protocol that uses SSL to encrypt data. It's a cheap way to encrypt your information sent over a web site. (Cheap meaning that it doesn't need a VPN or hardware to preform the encryption.) It uses up to 256-bit encryption to encrypt the 2-way data sent between the web server the client. But that's downgradable to what the client has on their browser. So you can opt to allow a 128-bit or lower client to connect to your site if you like.
It's drawback is that it requires a certificate authority to issue your domain an annual license to secure your web server. So, for example, if you wanted to secure http://www.campquake.net you would need to buy a certificate for that site. And if you wanted to secure server.campquake.net, that would require another certificate. I've found that http://www.thawte.com has good prices. But there was an open source SSL site trying to become a certificate of authority issuer for free. I haven't checked if that has become a valid alternative yet.
Posted: Mon Apr 17, 2006 10:00 pm
I used http://www.rapidssl.com the last time and they worked out quite well so far. I've had the certificates with them for about 2 years now...
IIRC they were alot cheaper than Thawte was also...
There is such a thing as httpF although, some info on it can be found here.
http://httpf.sourceforge.net/
It's just a filtering proxy thats supposed to filter out bad things like javascript calls and client checks to find out what OS\Browser that you're running.
IIRC they were alot cheaper than Thawte was also...
There is such a thing as httpF although, some info on it can be found here.
http://httpf.sourceforge.net/
It's just a filtering proxy thats supposed to filter out bad things like javascript calls and client checks to find out what OS\Browser that you're running.
Posted: Mon Apr 17, 2006 11:33 pm
Thanks guys.
Checked out that link KD. Just to clarify, it is basically just like a firewall so to speak. It denies access to pages with questionable content?
Checked out that link KD. Just to clarify, it is basically just like a firewall so to speak. It denies access to pages with questionable content?
Posted: Tue Apr 18, 2006 2:09 am
there is also entrust - $150 or so, per year, and you can register multiple years at once, so no need to renew annually.Neophyte wrote:httpF?!
Could you mean httpS?
Https is a secure HTTP protocol that uses SSL to encrypt data. It's a cheap way to encrypt your information sent over a web site. (Cheap meaning that it doesn't need a VPN or hardware to preform the encryption.) It uses up to 256-bit encryption to encrypt the 2-way data sent between the web server the client. But that's downgradable to what the client has on their browser. So you can opt to allow a 128-bit or lower client to connect to your site if you like.
It's drawback is that it requires a certificate authority to issue your domain an annual license to secure your web server. So, for example, if you wanted to secure http://www.campquake.net you would need to buy a certificate for that site. And if you wanted to secure server.campquake.net, that would require another certificate. I've found that http://www.thawte.com has good prices. But there was an open source SSL site trying to become a certificate of authority issuer for free. I haven't checked if that has become a valid alternative yet.
Posted: Tue Apr 18, 2006 7:55 am
Not necessarilly the pages, just the questionable content on them...Thanks guys.
Checked out that link KD. Just to clarify, it is basically just like a firewall so to speak. It denies access to pages with questionable content?
Posted: Tue Apr 18, 2006 9:16 am
Ok, gotcha! Thanks