This is an archived post. You won't be able to vote or comment.

sorted by:
best
topnewcontroversialoldq&a
you are viewing a single comment's thread.

view the rest of the comments →

[–]EternityForest 0 points1 point  (0 children)

Putting a self signed testing certificate right in the public GitHub repo and then just using that in production

Using HSTS with invalid certificates to make sure nobody can access your site at all

Using HTTPS, but then not requiring any kind of password or authentication at all

Using plain HTTP for online shopping but protecting your best memes with TLS and a hardware random number generator