Security Policy

Your privacy is important to me.

To the best of my ability, I attempt to maintain this site in accordance with industry best practice.
As this website is hosted within the EU, this extends to attempting to comply with GDPR.

Please note:

This is a personal website; it is not a business entity.

This site exists to help me teach myself about website design and Google Analytics, which gives me valuable insight into how people interact with this website.
Well, it did, but it is currently broken due to some issues with configuring Security Headers.

I want to make this website better for you, the viewer, but I feel that in order to do that I need to better understand how people use this website.
I hope you don't mind, but if you do, I hear good things about the NoScript add-on for Mozilla Firefox.

Technical Information:

• HSTS is enabled and should ensure that this webpage is served over HTTPS only.
• Apache is configured to prefer specific TLSv1.2 cipher suites that provide perfect forward secrecy.
• The HTTPS/TLSv1.2 configuration fully supports PCI-DSS 3.2.1, HIPAA and NIST compliant cipher suites.
• The TLS certificate for this webpage is provided by Let's Encrypt and has a short lifetime (90 days).
• This domain and its subdomains use a combination of SPF, DKIM and DMARC to help validate emails as genuine.
• This domain and its subdomains use DNSSEC to help validate that the SPF, DKIM and DMARC records (along with all other DNS records) are genuine.

DANE is partially implemented.
This is said to work with DNSSEC to further aid validation of DNS records as genuine.
I haven't yet (25/05/2019) learnt enough about DANE to be confident with the implementation.

OCSP stapling is partially implemented.
I'm not entirely happy with the reasoning behind implementing it, but HIPAA compliance is one reason. Postfix does not directly support OCSP stapling.
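For readers who want to see how the HSTS, forward-secret TLSv1.2 cipher and OCSP stapling settings described above fit together in Apache, here is an added example configuration. It is not this site's actual configuration; the hostname example.com and the Let's Encrypt certificate paths (certbot's default layout) are assumptions, and it requires mod_ssl and mod_headers to be enabled.

```apache
# Added example configuration, not the site's own. example.com and the
# certificate paths are assumed (certbot's default layout).

# Plain HTTP exists only to redirect to HTTPS; HSTS is then enforced by the browser.
<VirtualHost *:80>
    ServerName example.com
    Redirect permanent / https://example.com/
</VirtualHost>

<VirtualHost *:443>
    ServerName example.com
    SSLEngine on
    SSLCertificateFile      /etc/letsencrypt/live/example.com/fullchain.pem
    SSLCertificateKeyFile   /etc/letsencrypt/live/example.com/privkey.pem

    # TLSv1.2 only. Every suite listed uses ECDHE, so each session negotiates
    # a fresh ephemeral key and a later compromise of the certificate's private
    # key cannot be used to decrypt recorded traffic (perfect forward secrecy).
    SSLProtocol             -all +TLSv1.2
    SSLCipherSuite          ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256
    SSLHonorCipherOrder     on

    # OCSP stapling: Apache fetches the CA's OCSP response itself and includes it
    # in the handshake, so the client does not have to contact the OCSP responder.
    SSLUseStapling          on
    SSLStaplingResponderTimeout 5
    SSLStaplingReturnResponderErrors off

    # HSTS: browsers remember for one year to use HTTPS only, subdomains included.
    # "always" makes the header appear on error responses too.
    Header always set Strict-Transport-Security "max-age=31536000; includeSubDomains"
</VirtualHost>

# The stapling cache must be declared outside any VirtualHost.
SSLStaplingCache "shmcb:logs/ssl_stapling(32768)"
```

After a reload, `openssl s_client -connect example.com:443 -status` should print an "OCSP Response Status: successful" block if stapling is working, and `curl -I https://example.com/` should show the Strict-Transport-Security header. Note that HSTS does nothing for the first visit; it only protects return visits until max-age expires.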


Last Updated 2019/05/27 11:40 CET.


© 2019 Allan Wallace