PDA

View Full Version : HTTPS support for the forum



duksta
30-12-2014, 02:48 PM
Hi Forum admins,

Can we get this forum to support https for SSL/TLS encryption? This would help a bunch of us folks that might be behind firewalls or proxies that scan unencrypted content. The main site supports https, it should be a fairly easy change to make, and SSL certs for non-financial sites are cheap/free these days.

Cheers!

hongphuc84
24-09-2015, 11:17 AM
i want 50 post

domo
07-10-2015, 09:32 PM
HTTPS is a must coming up to the metadata laws coming into effect. Even a self signed cert would do for the encryption. Certificates are now less than $15 a year or free when the letsencrypt begins :)

domo
28-12-2015, 01:29 AM
letsencrpypt now makes it free. hope we could get that enabled once the provider eh, provides it ;)

O746
28-12-2015, 11:08 AM
Use a https proxy.

HTTPS makes shit slow.

domo
28-12-2015, 12:56 PM
Use a https proxy.

HTTPS makes shit slow.

https does not make it slow, it does stop caching but for a forum thats ok.

domo
01-03-2016, 01:18 PM
Letsencrypt is now open to the world. Most cpanels should not be supporting the free ssl cert which then auto renews for you.

Crusader
13-11-2016, 09:14 PM
A self signed cert will certainly have our browsers complaining ...

mj00
02-02-2017, 11:44 AM
And I've got to say, I'm not really comfortable with sending my password over http...

pk77
08-02-2017, 05:34 PM
You can get free SSL certs nowadays that won't pop up errors like self-signed certs would. Metadata is still captured regardless of SSL, but at least having encrypted password transmission would be a plus!!

Make sure you don't share usernames/passwords between this site and others, asking for trouble.

Administrator
04-04-2017, 11:18 PM
Why and how https benefit to us?

Also, pm me if you know how to set up https ? I need some tips

mj00
21-04-2017, 09:36 AM
Why and how https benefit to us?

At an absolute minimum, the login pages should be served with HTTPS. Currently, user passwords are sent over plain text. This means that it is trivial for an eavesdropper to steal logins and passwords. This is Internet Security 101 - do not send logins and passwords over plain text!

duksta
25-03-2019, 02:42 PM
Bumping this, as the world really has changed and HTTPS by default should be standard for websites these days.

If you need help with the setup, the links below should help. Otherwise PM me and perhaps there's a way I can assist more directly.

https://au.godaddy.com/help/install-a-lets-encrypt-certificate-on-your-cpanel-hosting-account-28023

https://medium.com/@ArthurFinkler/installing-a-lets-encrypt-ssl-certificate-on-your-godaddy-server-8a66385b7e1f

dellguy
19-04-2019, 07:16 AM
There is no legitimate reason not to have every website as full https these days.

kabukichonights
18-12-2019, 02:41 PM
Another bump here - The forum really should be browsable over HTTPS

mj00
08-01-2020, 11:21 PM
Bump... many web hosting companies even offer free SSL (via Let's Encrypt) these days.

eepee
14-01-2020, 06:43 AM
PM me and i can help

duksta
26-04-2022, 05:43 PM
Bump. HTTPS support is broken.

godofgamblers
21-06-2022, 04:12 PM
HTTPS is also broken for me, for what it's worth.

CanberraGuy
01-08-2022, 07:12 PM
I'm a systems engineer if you need a hand, its pretty easy

k0h1
29-08-2022, 12:17 AM
Yep supporting HTTPS for this forum would be beneficial!

amonger
28-10-2022, 12:29 AM
This is a good shout, just make sure to have every variation of the homepage URL 301 redirect to the https version with trailing slash.