Jump to content
The Corroboree
migraineur

Why isn't this site using https yet?

By migraineur, in Site & Forum Matters

Recommended Posts

migraineur   

migraineur
Posted

As the title asks, why isn't this site using https yet? We need some security and privacy here. 

  • Like 6

Share this post

Link to post
Share on other sites

Sallubrious   

Sallubrious
Posted

We've talked about this before and T wasn't keen on switching it over in-case it led to dead links and database errors ect.

 

https can provide a false sense of security in some cases though, feds have devices that can strip the encryption and some of the certificate authorities are dodgy as fuck. Most of the time https prevents eavesdropping by weekend warriors but it won't stop the feds from having a look.

 

That being said https should be standard everywhere these days.

  • Like 4

Share this post

Link to post
Share on other sites

qwertyuiop   

qwertyuiop
Posted

Bumping this... Defs should have https by now. Happy to assist if needed of course.

 

But with free options like cloudflare or letsencrypt it's less than a 20 min job. -- The 'dead links and database issues' wouldn't be a thing that this affects... and regardless it can be served as both http and https at the same time.

 

I think the users of this site deserve a better security default. Just my 2 cents.

  • Like 8

Share this post

Link to post
Share on other sites

XavierDass   

XavierDass
Posted

I would also love to see this.

As qwerty puts it, dead links and database issues aren't a problem for this since you're just serving the pages using the https protocol. It wouldn't even necessarily need to use https to serve every page, just in posting/messaging/transacting etc.

Share this post

Link to post
Share on other sites

XavierDass   

XavierDass
Posted
On 09/09/2019 at 7:14 PM, Slocombe said:

So I'm either tripping or we have https now B)B)

I think you're tripping ;)

 

Appears to still be using HTTP.

Where are you seeing a HTTPS connection?

Share this post

Link to post
Share on other sites

Slocombe   

Slocombe
Posted

On my PC it's loading as https but now also saying https hasn't been fully implemented "Parts of this page are not secure (such as images).

 

On mobile it is using http...

 

 

Share this post

Link to post
Share on other sites

XavierDass   

XavierDass
Posted

I can see it attempts the https first, but defaults back to standard.

I think a full implementation and confirmation would be great -- it is 2019 and https is the standard for websites, even if the content isn't necessarily sensitive.

Share this post

Link to post
Share on other sites

XavierDass   

XavierDass
Posted

I'd love to get the ball rolling on this and happy to help out any way I can.

Are there any particular blockers for this migration?

Share this post

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Go To Topic Listing Site & Forum Matters
×