I’m making some changes to the hosting and configuration of this site; you can see the rough goals below:
- Changing hosting provider from a legacy shared server to a cloud hosting provider with better security and high availability.
- Adding stricter (and end-to-end) encryption to the entire site using a combination of CloudFlare and Let’s Encrypt.
- Changing the site’s security / performance configuration to support and enforce:
  - Content-Security-Policy
  - X-Frame-Options
  - X-XSS-Protection
  - X-Content-Type-Options
  - Strict-Transport-Security
  - HTTP Strict Transport Security (HSTS)
  - Authenticated Origin Pulls
  - HTTP/2 + SPDY
  - IPv6 Compatibility
  - Scrape Shield
Using various tools, this should actually be quite straightforward. I plan to detail the main stages / steps in some later posts.