All Regions
Argentina
Australia
Austria
Belgium (fr)
Belgium (nl)
Brazil
Bulgaria
Canada (en)
Canada (fr)
Catalonia
Chile
China
Colombia
Croatia
Czech Republic
Denmark
Estonia
Finland
France
Germany
Greece
Hong Kong
Hungary
Iceland
India (en)
Indonesia (en)
Ireland
Israel (en)
Italy
Japan
Korea
Latvia
Lithuania
Malaysia (en)
Mexico
Netherlands
New Zealand
Norway
Pakistan (en)
Peru
Philippines (en)
Poland
Portugal
Romania
Russia
Saudi Arabia
Singapore
Slovakia
Slovenia
South Africa
Spain (ca)
Spain (es)
Sweden
Switzerland (de)
Switzerland (fr)
Taiwan
Thailand (en)
Turkey
US (English)
US (Spanish)
Ukraine
United Kingdom
Vietnam (en)
Any Time
Past Day
Past Week
Past Month
Past Year
Improving my HTTPS support
willnorris.com/2013/improving-my-https-support/
Enabling PFS is really just a matter of selecting which ciphers your web server should use when establishing
SSL
connections. I followed the recommendations in this article from Qualys to configure my Apache web server. I host with Linode, and was previously using an Ubuntu 13.04 image, which ships with Apache 2.2 by default.
Forcing SSL on WordPress.org - willnorris.com
willnorris.com/2014/forcing-ssl-on-wordpress-org/
So it seems that wordpress.org now serves traffic over
SSL
, and will soon be switching to
SSL
only. In the comments on the above article, Andrew Nacin said: Yeah, all of WordPress.org will be 100% forced
SSL
soon. For WordPress, I suspect that this was largely a pragmatic decision to take advantage of SPDY, but I'll take it! Whatever gets ...
Tailscale devices with a custom domain
willnorris.com/2023/tailscale-custom-domain/
2023-11-01T00:00:00.0000000
What I found was coredns-tailscale, a plugin for coredns that effectively maps Tailscale device names onto a custom domain. The coredns-tailscale project has been around for about a year, and I later discovered that it had been mentioned in the Tailscale newsletter from October 2022 . I guess I either missed seeing it or just wasn't looking ...
HTTP Client Library for PHP - Will Norris
willnorris.com/2009/http-client-library-for-php/
SSL
support is a must; gzip compression is highly desirable as well; we need to limit any external dependencies outside of a standard PHP 5 installation, or as few as possible. (this of course doesn't include any code we ship as part of the library itself) I'm not aware of any need for support of HTTP cookies
security is just too hard - willnorris.com
willnorris.com/2006/security-is-just-too-hard/
Fortunately for me, my current employer offers web space for all students and staff which only works over
SSL
anyway. This system also allows pretty fine grained control over file access permissions, as well as the ability to create a time-based "ticket" to allow access. I then emailed this ticket to the company, and called them to give ...
Tailscale at the Pinewood Derby - Will Norris
willnorris.com/2023/tailscale-pinewood-derby/
2023-05-05T00:00:00.0000000
The track manager (who was tethered on a separate phone) was then able to navigate to my same MagicDNS hostname (something like https://derby.tailnet.ts.net) which routed through Tailscale's public funnel servers and down to my laptop.It worked amazingly well, especially considering that Funnel was a very new feature at the time.. We ran the whole pinewood derby like this without even the ...
OpenID provider wish-list
willnorris.com/2007/openid-provider-wish-list/
SSL
- not having
SSL
is an immediate deal breaker. If my password or my personal information is going over the wire, it sure as hell better be over an encrypted connection. Strong Authentication - this was the primary topic of the aforementioned post, and more details can be found there. The main point, however, is that I'd like some kind ...
strong authentication and emailing passwords
willnorris.com/2007/strong-authentication-and-emailing-passwords/
2023-03-01T00:00:00.0000000
And why the heck doesn't prooveme allow me to upload my existing
SSL
client cert that I have with Thawte? So anyway, if and when OpenID really starts to see usage outside the blogosphere, and even just as the number of services a single password can get you into grows, I think stronger authentication like this is going to become much more ...
wp-openid 2.2.0 released - Will Norris
willnorris.com/2008/wp-openid-220-released/
You'll either need to modify your
site
so that XRDS discovery can be performed without
SSL
, or get a certificate from a more commonly trusted CA. Will Norris July 25, 2008 @Christian: your server is returning an HTTP 400 to the request made by the openid library. The exact request (which reproduces the 400 over telnet) is:
Archive - Will Norris
willnorris.com/archives/
© Will Norris. Unless noted otherwise, text content is licensed under CC-BY 4.0 and code under an MIT License.CC-BY 4.0 and code under an MIT License.
IndieWebCamp SF 2014
willnorris.com/2014/indiewebcamp-2014/
There's only a couple of hours left in IndieWebCamp SF 2014, and it's been a really productive weekend. IndieWebCamp SF 2014, by Aaron Parecki I mostly got Webmentions working last year, but my implementation wasn't good enough that it stuck… I ending up disabling things before too long. This year, the WordPress plugin is in much better shape, I'm using a much better WordPress theme ...
Feedback