302 to https://

Discussion in 'Suggestions and Feedback' started by Number6, Mar 6, 2018.

  1. Number6

    Number6 Inactive User

    Joined:
    Apr 25, 2013
    Location:
    Dublin
    Car(s):
    2005 0.7L Copen
    Google Chrome has started flagging sites served over HTTP as insecure. It makes sense to redirect all HTTP traffic to HTTPS for that sweet sweet padlock.
     
  2. copenworld

    copenworld Copenworld Founder Staff Member

    Joined:
    Sep 21, 2009
    Location:
    Auckland, NZ
    Car(s):
    Copen
    Yes, I agree!

    I started setting up https ages ago. It shouldn’t be difficult, but I somehow managed to get it all horribly mixed up with testing a new version of the forum software, and I hit a few problems, so I threw it all up in the air, sulked for a bit, then walked away and forgot about it :think:

    I’ll get back onto it soon. Probably. :blush:
     
  3. Vin Petrol

    Vin Petrol Copenworld Regular

    Joined:
    Jan 21, 2017
    Location:
    Stockport
    Car(s):
    2004 0.7 Copen
    I don't agree. Unless you already pay for SSL certification, it's not worth it for a site that doesn't HAVE any confidential information. Vendor sites need it to keep your personal details and financial information secure, Copenworld doesn't sell anything so the only information here about any of us are our public posts.
     
  4. Edmund

    Edmund Copenworld Newbie

    Joined:
    Oct 18, 2017
    Location:
    Tochigi (100km north of Tokyo)
    Car(s):
    Copen Cero
    The benefits are a bit limited for the reason you give but copenworld has email addresses and passwords, which wisely or not some users will reuse on other sites. Also you can also MITM an HTTP site to inject nasty JavaScript exploit code to attack the user's computer in different ways, so it's worth cooperating with Google's attempt to drag everyone into upgrading.

    It's not massively urgent or anything, but it's still worth doing. There's no need to pay for a certificate either, thanks to Let's Encrypt.
     
  5. Vin Petrol

    Vin Petrol Copenworld Regular

    Joined:
    Jan 21, 2017
    Location:
    Stockport
    Car(s):
    2004 0.7 Copen
    Ah, if it's free that's another matter, although we're an unlikely site for attacks due to the specialist nature of it.

    On the subject of passwords, I have an awful memory, but I find the 'leetspeak' method works for me for secure passwords I can actually recall. I just find some word or phrase I can associate with the site, then throw in numbers and capitals. For example 'copen' would become c0P3n. I don't bother for most forums since all they have is my email, but anywhere with payment details gets a unique one :p
     
  6. Number6

    Number6 Inactive User

    Joined:
    Apr 25, 2013
    Location:
    Dublin
    Car(s):
    2005 0.7L Copen
    Lets Encrypt have completely changed the way the industry have viewed SSL certs. In the past, you applied SSL certs manually, they lasted a year, and you paid someone.

    Now the SSL cert renewal and application is automated, they last 90 days, and cost nothing - all these mean that SSL is becoming the new standard protocol in comparison to HTTP... and long may it live.
     
    Vin Petrol likes this.
  7. copenworld

    copenworld Copenworld Founder Staff Member

    Joined:
    Sep 21, 2009
    Location:
    Auckland, NZ
    Car(s):
    Copen
    Yes, it's free now, so at least that's one thing I don't have to pay for!

    I'll be setting it up shortly....
     
  8. copenworld

    copenworld Copenworld Founder Staff Member

    Joined:
    Sep 21, 2009
    Location:
    Auckland, NZ
    Car(s):
    Copen
    OK, I've done it, I hope! :cool:

    All pages should now be https, so you should see the padlock.

    I hope I've picked up everything that needed to be changed. I may have missed something, so if you see any errors or warnings, please let me know and I'll take a look.
     
    Number6 likes this.
  9. Edmund

    Edmund Copenworld Newbie

    Joined:
    Oct 18, 2017
    Location:
    Tochigi (100km north of Tokyo)
    Car(s):
    Copen Cero
    Looking good, keep up the good work.
     
    Vin Petrol and copenworld like this.
  10. Number6

    Number6 Inactive User

    Joined:
    Apr 25, 2013
    Location:
    Dublin
    Car(s):
    2005 0.7L Copen
    Nice one!
     
    copenworld likes this.

Share This Page