'Website not secure' notification

Since this is a new forum I'm looking for everyone's feedback so that we can customize the site accordingly. Post your suggestions and ideas here!
Post Reply
User avatar
fallingwickets
Clive the Thumb
Posts: 8813
Joined: Mon Nov 06, 2006 11:59 am

'Website not secure' notification

Post by fallingwickets »

using google chrome when logging on here at smf there is a red notification in the address saying that the site is not secure. if its costly to fix, can we pass a collection can around? thanks

clive
de gustibus non est disputandum
User avatar
drmoss_ca
Admin
Posts: 10731
Joined: Thu Jul 08, 2004 4:39 pm

Re: 'Website not secure' notification

Post by drmoss_ca »

It's simply that the site's address is http://forum.shavemyface.com rather than https://forum.shavemyface.com

Vince could buy a security certificate and have the address changed to https, but all it would do is convince complete strangers they were clicking on a link to shavemyface.com, rather than being surreptitiously redirected to mexicandonkeyporn.com (which might be a real site for all I know!) Having e-mailed Vince a few days ago when 18 Russian bots had broken into our security overnight and had no reply (yeah, Vince, I'm glaring at you: I do this shit for free and you better support me!) I wouldn't hold out a lot of hope that will change. We might be f*cked on the internet, but we still have better shaves than anyone else.
"Je n'ai pas besoin de cette hypothèse."
Pierre-Simon de Laplace
User avatar
drmoss_ca
Admin
Posts: 10731
Joined: Thu Jul 08, 2004 4:39 pm

Re: 'Website not secure' notification

Post by drmoss_ca »

It isn't; I checked. The things I do for you guys...
"Je n'ai pas besoin de cette hypothèse."
Pierre-Simon de Laplace
User avatar
cjc15153
Posts: 338
Joined: Sat Feb 02, 2008 3:38 pm
Location: Los Angeles

Re: 'Website not secure' notification

Post by cjc15153 »

There is a free ssl certification available from the Electronic Freedom Foundation (EFF) via letsencrypt.org. You need root access to the web server to install it, but I have been using it for a couple years without incident.

To redirect all traffic to https, you add a 301 redirect to the Apache or Nginx configuration file, which is pretty easy if that's all you have to change.
--
I am Chris #6. No relation to Nikki.
slackskin
Posts: 361
Joined: Sat Jan 28, 2012 4:27 am
Location: San Francisco Bay Area

Re: 'Website not secure' notification

Post by slackskin »

cjc15153 wrote: Mon Dec 24, 2018 1:57 pm There is a free ssl certification available from the Electronic Freedom Foundation (EFF) via letsencrypt.org. You need root access to the web server to install it, but I have been using it for a couple years without incident.

To redirect all traffic to https, you add a 301 redirect to the Apache or Nginx configuration file, which is pretty easy if that's all you have to change.
That is one of the cool things I like about this site. The membership includes lots of different people with different skills enabling almost any problem to be tackled. Bravo!
brothers
Posts: 21513
Joined: Sun Sep 14, 2008 7:18 am
Location: Oklahoma City USA

Re: 'Website not secure' notification

Post by brothers »

cjc15153 wrote: Mon Dec 24, 2018 1:57 pm There is a free ssl certification available from the Electronic Freedom Foundation (EFF) via letsencrypt.org. You need root access to the web server to install it, but I have been using it for a couple years without incident.

To redirect all traffic to https, you add a 301 redirect to the Apache or Nginx configuration file, which is pretty easy if that's all you have to change.
So, is this something I personally can/should do? Or am I understanding correctly that only the owner or admin can do such things? All of the above is not within my realm of knowledge. Also, what difference does it make to me in terms of posting? It's all Greek to me.
Gary

SOTD 99%: Monday, Wednesday, and Friday, soaps & creams, synthetic / badger brushes, Colonial General razor, Kai & Schick blades, straight razors any time, Superior 70 aftershave splash + menthol + 444
User avatar
drmoss_ca
Admin
Posts: 10731
Joined: Thu Jul 08, 2004 4:39 pm

Re: 'Website not secure' notification

Post by drmoss_ca »

No Gary, only Vince can do that. And if he did, it wouldn't change your user experience at all, beyond not getting the 'insecure site' on logging in.
"Je n'ai pas besoin de cette hypothèse."
Pierre-Simon de Laplace
Post Reply