Transport layer security (TLS) is the de facto standard for sending and receiving secure HTTP traffic. With this in mind, Varnish long ago built a standalone TLS proxy on the open-source Hitch project. It delivers secure transport and doesn’t interfere with content delivery performance, but for a number of reasons, it’s not always the right choice for every implementation.
Cybersecurity requires more than just a single action or approach because threats exist on many levels. Some of the biggest threats, in fact, can be internal: employees who aren’t fully aware of cybersecurity threats like phishing are a risk; incorrect configurations within your infrastructure can bring your website down (in fact, configuration errors can bring down half the internet). Cybersecurity isn’t just about securing web traffic through transport layer security (TLS) or putting up a firewall, even though these are necessary fundamentals.
In a recent webinar, we shared some of the big dos and don’ts of Varnish use. After outlining the don’ts in an earlier blog post, we promised to follow up with a rundown of the five Varnish dos as presented in the webinar. Obviously, you should watch the webinar to get the full story on why and how you should take these actions in Varnish, but here’s a quick taster to give you a preview of what you’ll learn.
The process of getting a piece of web content to the end user is actually quite complex - a lot of moving parts in the form of different software, different hardware, different levels of page complexity, network constraints and so on … all have to click together smoothly to make a web page appear. The fast, complete and personal content showing up on a phone or tablet takes a whole host of behind-the-scenes “magic” that just has to work.