Security
Page 15
-
Caching the Uncacheable: CSRF Security
James A Rosen
In this post, I investigate several strategies for maintaining security while improving cacheability. I use Ruby on Rails for the examples, but the techniques apply to nearly any web application framework.
Security -
Disabling SSLv3 Due to POODLE Vulnerability
Sean Leach
Based on our understanding of the POODLE vulnerability (mainly the fact that there is currently no workaround), and the fact that we have very little traffic running over SSLv3 (around .5% globally), we are disabling SSLv3 for all Fastly SSL customers, effective immediately. This will mainly affect users of Windows XP Pre-service pack 3 combined with IE version 6. If you are in this group, please upgrade to a more recent browser.
Security -
More Advanced Security Features for Your Fastly Account
Simon Wistow
Security is one of our top priorities at Fastly. We recognize that having your account compromised could have a profoundly negative impact on your business, leaving you and your customers vulnerable and at risk. So, with enthusiastic feedback from our customers, we've been testing out ways to improve account security features. Today, we're pleased to release two-factor authentication and IP account access restrictions.
Security -
Fastly Update on 'Heartbleed'
Christopher Brown
Here’s the latest update on the ongoing resolution to critical OpenSSL vulnerability CVE-2014-0160, aka 'Heartbleed,' which was announced on April 7th and affects nearly every Internet service provider and website using SSL to secure customer traffic.
Security
