Jump to content
The Corroboree
Fezza

Enforce SSL/TLS encryption for the forum

Recommended Posts

Hi @Torsten

 

I'm a lot more security and privacy concise these days, and I've noticed all the links in this forum are not linking to the encrypted URLS.

SSL is available, but not enforced, is there anyway for your to enforce/push it?

 

I'm somewhat concerned about DMs, login & payments pages.

  • Like 1

Share this post


Link to post
Share on other sites

I think it is open to people to connect here and speak off this platform using more secure platforms.

Share this post


Link to post
Share on other sites
On 19/08/2021 at 10:59 PM, Slocombe said:

I think it is open to people to connect here and speak off this platform using more secure platforms.

I'm more concerned about my password or payment details being transmitted unencrypted in clear text for all the internet's routers to see.

  • Like 1

Share this post


Link to post
Share on other sites

Yeah, nothing to do with 'open for people to connect' -- https won't impede that.

 

It's legit 3 lines to add in to the virtual hosts file. (Assuming apache webserver)  or 3 lines in a .htaccess file in the root dir. TBH as well , not sure why the yearly server costs are so extraordinarily high ~$3k!? I'm certain there's ways to achieve what's currently being hosted much cheaper. )

 

Happy to offer for free my time and knowledge to assist in getting this all set up more efficiently and securely if you'd take me up on it @Torsten?

  • Like 5

Share this post


Link to post
Share on other sites

Is odd that there is even a valid cert there, it's just not being used?

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×