This is the first time in months that wp.boba.org has been online. The site is now hosted on the latest Ubuntu server LTR. DNS, public and private, has changed. Google dropped the domain registrar business. Google’s registered domains were transferred to Squarespace. And Squarespace does not support dynamic DNS so had to find a DDNS provider. Came up with afraid.org and now it’s providing my DNS.
My internal DNS, on dnsmasq, resolves boba.org correctly so I get this website when wp.boba.org is the URL. It works at Starbucks too, so public and private name resolution is working the way I want.
After being able to get to it I want to know how secure the website is. For the guest is the connection secure and not snoopable and secure against MITM attacks?
The sever itself, is it safe from external manipulation? And that should be “servers” and “themselves” because there is the OS running on bare metal, web server, and database server facing the public Internet and the same plus DHCP and other services on the private network.
How to tell? The following is the limited set of links I’ve been able to find that scan a website without requiring any type of registration. This website seems to rate okay in all but one tool. Need to dig into that one and see what the flags are.
SSL Server Test: wp.boba.org (Powered by Qualys SSL Labs)
Scan results for wp.boba.org | HTTP Observatory | MDN
wp.boba.org – Sucuri SiteCheck