Pinner safety is a top priority for us, and so earlier this year we joined the growing list of websites that are fully HTTPS. As we build trust with Pinners, it significantly improves security in one fell swoop. Migrating to HTTPS presented a number of expectedand unexpectedengineering challenges, starting with finding the right CDN provider partner.
We identified and mitigated many technical challenges in the discovery process of the migration. One of the biggest challenges was working with our CDN providers, which support HTTPS and our certificates. We also knew that CDN image distribution over HTTPS can potentially cost significantly more. Other technical challenges included:
Once we felt comfortable enough to start testing, we launched a test in the UK where we have an active Pinner community. Our tests showed there was an insignificant impact on SEO and little effect on any one browser. It wasnt until we cast a larger net to a percentage of our global audience did we see the following other challenges:
Although we anticipated a number of challenges, we were able to tackle those unexpected ones with a lean and fast-moving team. Heres how we did it:
In addition, having multiple CDN providers that supported HTTPS gave us options for performance as well as commercial leverage.
In the end, we enhanced the privacy of Pinners by enabling encryption while also hindering exploitation by way of man-in-the-middle attacks, session hijacking, content injection, etc. This also paved the way for future products that may require HTTPS to launch. Finally, the move to HTTPS resulted in a 10 percent (max) increase in signups a day, because we were able to remove the redirect flow from HTTP to the HTTPS signup page.
We will continue our journey towards HTTPS with further enhancements including HTTP Strict Transport Security (HSTS), which will prevent SSL stripping. We also plan to work with Chromium to preload our domain to prevent SSL stripping on a users first visit to Pinterest.
Prior to the HTTPS migration, we were hesitant to open a paid bug bounty program because of a number of known vulnerabilities associated with being only HTTP. Now that a number of gaps have been closed as a result of the migration, were happy to announce that weve upgraded the program with payouts results, with a 10x increase in reports since launching the paid program. We highly encourage the whitehat hacker community to use our program and report bugs, which helps us keep Pinners safe and increase our security posture.
If youre interested in working on security engineering challenges like this, join our team!
Paul Moreno is the security engineering lead on the Cloud team.
Migrating to HTTPS wasnt a smooth process. It took several members of various teams to pull off, and there were a number of moving parts. Special thanks to engineers Amine Kamel, Chris Danford, Danilo Stefanovic and Anna Majkowska for their hard work making Pinterest a safer place.