Jump to content
The Corroboree
migraineur

Why isn't this site using https yet?

Recommended Posts

As the title asks, why isn't this site using https yet? We need some security and privacy here. 

  • Like 6

Share this post


Link to post
Share on other sites

We've talked about this before and T wasn't keen on switching it over in-case it led to dead links and database errors ect.

 

https can provide a false sense of security in some cases though, feds have devices that can strip the encryption and some of the certificate authorities are dodgy as fuck. Most of the time https prevents eavesdropping by weekend warriors but it won't stop the feds from having a look.

 

That being said https should be standard everywhere these days.

  • Like 4

Share this post


Link to post
Share on other sites

Bumping this... Defs should have https by now. Happy to assist if needed of course.

 

But with free options like cloudflare or letsencrypt it's less than a 20 min job. -- The 'dead links and database issues' wouldn't be a thing that this affects... and regardless it can be served as both http and https at the same time.

 

I think the users of this site deserve a better security default. Just my 2 cents.

  • Like 8

Share this post


Link to post
Share on other sites

I would also love to see this.

As qwerty puts it, dead links and database issues aren't a problem for this since you're just serving the pages using the https protocol. It wouldn't even necessarily need to use https to serve every page, just in posting/messaging/transacting etc.

Share this post


Link to post
Share on other sites
On 09/09/2019 at 7:14 PM, Slocombe said:

So I'm either tripping or we have https now B)B)

I think you're tripping ;)

 

Appears to still be using HTTP.

Where are you seeing a HTTPS connection?

Share this post


Link to post
Share on other sites

On my PC it's loading as https but now also saying https hasn't been fully implemented "Parts of this page are not secure (such as images).

 

On mobile it is using http...

 

 

Share this post


Link to post
Share on other sites

I can see it attempts the https first, but defaults back to standard.

I think a full implementation and confirmation would be great -- it is 2019 and https is the standard for websites, even if the content isn't necessarily sensitive.

Share this post


Link to post
Share on other sites

I'd love to get the ball rolling on this and happy to help out any way I can.

Are there any particular blockers for this migration?

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×