Getting WordPress to play along with HTTP Content Security Policy (CSP) can be challenging.
Security headers play an important role in protecting your web site against malicious attacks, but they can also cause trouble for legitimate server applications.
Continue reading Fixing content security Policy for WordPress
I have created a new encryption key, and will transition away from the old one. Inspired by Simon Josefsson at Yubico, I have created (that is, copied) his key transition statement. It can be found at https://espenandersen.no/key-transition-2016-12-22.txt. The statement is signed by both my old and my new key.
Continue reading New GPG key
If you want your audience to be absolutely certain that the web page you just served them has not been tampered with, read on. This method may be a good way to calm down even your most paranoid readers.
Continue reading Sign a web page with PGP
My installation of the anonymous submission system SecureDrop is now live. This means that you can contact me secretly if you have material intended for my eyes only.
Continue reading SecureDrop me a message