Results 1 to 3 of 3

Thread: HTTPS support

  1. #1
    Join Date
    Oct 2016
    Location
    Brazil
    Posts
    206
    Thanks Thanks Given 
    177
    Thanks Thanks Received 
    0
    Thanked in
    0 Posts

    Default HTTPS support

    Maybe this isn't a trivial thing to solve, but I feel I should ask...

    In these days, HTTPS is getting more important. Search engines are using as a criterion in their rankings. Also, Chrome and Firefox recently started to show the "Not Secure" warning on the address bar to websites which use plaint HTTP.

    And although JonnyGuru.com per si shouldn't have many valuable infos, you never know the intentions of the agents in the middle of those things...

    So, is there a chance to have HTTPS support here? What about getting a free cert through Let's Encrypt ?

  2. The Following 2 Users Say Thank You to Internet For This Useful Post:

    MartyMcFly (06-08-2018), Nuckles_56 (03-31-2017)

  3. #2
    Join Date
    Nov 2010
    Posts
    380
    Thanks Thanks Given 
    0
    Thanks Thanks Received 
    10
    Thanked in
    8 Posts

    Default

    It's a public forum, everything you type is visible to anyone logged in and browsing the forum.
    Only private information would be your email address and your password, when you create an account.

    There's no point in adding it.

    I'd recommend it only if you're going to do some other things as well, like upgrading to HTTP 2 / SPDY (which kinda requires TLS by default, kinda because standard doesn't require it but browsers will only use it with TLS today) and rewriting the urls to be more "seo friendly" on the forum and the website.

  4. #3
    Join Date
    Jun 2018
    Location
    Israel
    Posts
    8
    Thanks Thanks Given 
    10
    Thanks Thanks Received 
    0
    Thanked in
    0 Posts

    Default

    Sorry for bumping this old thread but:
    There's no point in adding it
    Forgive me but this is very wrong. Long articles were written on why HTTPS should be everywhere, I'm not going to repeat them here, but the bottom line is that HTTP is going to be deprecated. Also even if everything here is public, the login details most people use are shared, and even that's not secured. And even if you followed the best practice of using a unique passowrd (vast majority don't, and reuse passwords), someone could impersonate you here etc.

    Anyway, it actually looks like HTTPS is working, but not perfectly. Functionally, everything seems to be working, but images are broken (still usable because of alt text, just not pretty). Might be an easy fix (serve the images from HTTPS)?

  5. The Following User Says Thank You to MartyMcFly For This Useful Post:

    Nuckles_56 (06-18-2018)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •