Author Topic: CPCWiki joins the modern era - over HTTPS!  (Read 1715 times)

0 Members and 1 Guest are viewing this topic.

Offline Gryzor

  • Administrator
  • 6128 Plus
  • *****
  • Posts: 15.157
  • Country: gr
  • CPC-Wiki maintainer
    • CPCWiki
  • Liked: 2993
  • Likes Given: 5318
CPCWiki joins the modern era - over HTTPS!
« on: 09:29, 23 February 19 »
So, it had to happen of course at some point.


Thanks to the nagging (and help!) of @ASiC we switched over to HTTPS.


To be more precise, we enabled HTTPS, but traffic is not automatically redirected to it just yet. You can access the new, improved and secure site by manually using https:// in front of the address or you can continue using the old, bleh, meh, full of insecurities site as usual.


I will default the site and redirect all traffic once it's made clear that there are no issues, so please, please, any feedback on the secure version is more than welcome.


I'm aware that the forum does not qualify as fully secure yet because of some over-http references that I'll have to change, but otherwise things look fine.


Cheers
T

Offline tjohnson

  • Supporter
  • 6128 Plus
  • *
  • Posts: 685
  • Country: gb
    • index.php?action=treasury
  • Liked: 215
  • Likes Given: 135
Re: CPCWiki joins the modern era - over HTTPS!
« Reply #1 on: 10:23, 23 February 19 »
Question, what is the importance of encrypting traffic on a site like this ?  It isnt my bank afterall and I've not been concerned is someone intercepts a message about a 30 year old computer :)

Offline Gryzor

  • Administrator
  • 6128 Plus
  • *****
  • Posts: 15.157
  • Country: gr
  • CPC-Wiki maintainer
    • CPCWiki
  • Liked: 2993
  • Likes Given: 5318
Re: CPCWiki joins the modern era - over HTTPS!
« Reply #2 on: 10:46, 23 February 19 »
Well, risk is minimal I'd say. Security-wise you risk exposing your password if someone targets the wiki and if you use the same one elsewhere it's going to be a problem. Also Paypal has issues with http referrers but that only kind of affects people trying to donate.


All in all, that's why I put it off for so long - it wasn't really *needed* from a security point of view. More important is what Google thinks of you, I'd say, since it demotes non-secure sites.


Oh, I forgot to mention, I had to remove the Topsites button because it was being served over HTTP.

Offline tjohnson

  • Supporter
  • 6128 Plus
  • *
  • Posts: 685
  • Country: gb
    • index.php?action=treasury
  • Liked: 215
  • Likes Given: 135
Re: CPCWiki joins the modern era - over HTTPS!
« Reply #3 on: 12:11, 23 February 19 »
Cool thanks, yeah I think you are right about Google.  Does the software encrypt and compress, with modern computers having so much grunt you think it would be easy to do that to reduce traffic.

Offline Gryzor

  • Administrator
  • 6128 Plus
  • *****
  • Posts: 15.157
  • Country: gr
  • CPC-Wiki maintainer
    • CPCWiki
  • Liked: 2993
  • Likes Given: 5318
Re: CPCWiki joins the modern era - over HTTPS!
« Reply #4 on: 12:41, 23 February 19 »
Yes, our server has gzip enabled, but this works well mainly with code, not images. There are savings to be had, but nothing earth shattering.

Offline gerald

  • Supporter
  • 6128 Plus
  • *
  • Posts: 1.419
  • Liked: 996
  • Likes Given: 251
Re: CPCWiki joins the modern era - over HTTPS!
« Reply #5 on: 13:59, 23 February 19 »
More important is what Google thinks of you, I'd say, since it demotes non-secure sites.
My biased understanding was that Google pushed https (and demoted http) only to prevent site owner to do any useful analytic, and push them to use google tools instead  :-X
Like they promote web page that start with a big full screen illustration just to check that the user scroll down to see any valuable info. Something called engagement ... and a mean to check you're not a robot and mark served ads as viewed by a human.
Getting sick of having to pass Turing test on all those Google tailored web pages.

But hey, https on cpcwiki is a good thing, at least for password protection  :)
« Last Edit: 14:00, 23 February 19 by gerald »

Offline Gryzor

  • Administrator
  • 6128 Plus
  • *****
  • Posts: 15.157
  • Country: gr
  • CPC-Wiki maintainer
    • CPCWiki
  • Liked: 2993
  • Likes Given: 5318
Re: CPCWiki joins the modern era - over HTTPS!
« Reply #6 on: 14:02, 23 February 19 »
Not really, analytics and all other services work fine without https to this day. That was part of the 'better web'initiative of theirs and nobody said anything bad about it, to be honest...

Sent from my ONEPLUS A6000 using Tapatalk


Offline robcfg

  • Supporter
  • 6128 Plus
  • *
  • Posts: 2.230
  • Country: se
  • 8-Bit Technomancer
    • index.php?action=treasury
  • Liked: 989
  • Likes Given: 2264
Re: CPCWiki joins the modern era - over HTTPS!
« Reply #7 on: 16:31, 23 February 19 »
It complains that the site is not fully secure and someone could see the images I'm watching and modify them.

Offline Gryzor

  • Administrator
  • 6128 Plus
  • *****
  • Posts: 15.157
  • Country: gr
  • CPC-Wiki maintainer
    • CPCWiki
  • Liked: 2993
  • Likes Given: 5318
Re: CPCWiki joins the modern era - over HTTPS!
« Reply #8 on: 18:31, 23 February 19 »
It complains that the site is not fully secure and someone could see the images I'm watching and modify them.
Yes, I mentioned that in my first post [emoji4] I'll fix it soon!

Sent from my ONEPLUS A6000 using Tapatalk


Offline ASiC

  • Supporter
  • CPC664
  • *
  • Posts: 120
  • Country: gb
  • Liked: 75
  • Likes Given: 302
Re: CPCWiki joins the modern era - over HTTPS!
« Reply #9 on: 00:52, 24 February 19 »
Thanks to the nagging (and help!) of @ASiC


 ;D ;D :P


Cheers bud!

Offline LambdaMikel

  • 6128 Plus
  • ******
  • Posts: 1.628
  • Country: us
    • Homepage
  • Liked: 874
  • Likes Given: 667
Re: CPCWiki joins the modern era - over HTTPS!
« Reply #10 on: 04:46, 24 February 19 »
Question, what is the importance of encrypting traffic on a site like this ?  It isnt my bank afterall and I've not been concerned is someone intercepts a message about a 30 year old computer :)
Site indexing will be worse (Google and friends stopped indexing non-HTTPS sites a while ago AFAIK - even my personal page uses HTTPS)  ;)

Offline Gryzor

  • Administrator
  • 6128 Plus
  • *****
  • Posts: 15.157
  • Country: gr
  • CPC-Wiki maintainer
    • CPCWiki
  • Liked: 2993
  • Likes Given: 5318
Re: CPCWiki joins the modern era - over HTTPS!
« Reply #11 on: 06:28, 24 February 19 »
Not, not yet at least, they're still indexing, but you get a ranking penalty...

Sent from my ONEPLUS A6000 using Tapatalk


Offline Gryzor

  • Administrator
  • 6128 Plus
  • *****
  • Posts: 15.157
  • Country: gr
  • CPC-Wiki maintainer
    • CPCWiki
  • Liked: 2993
  • Likes Given: 5318
Re: CPCWiki joins the modern era - over HTTPS!
« Reply #12 on: 06:29, 24 February 19 »
By the way, anyone noticed any issues?

Sent from my ONEPLUS A6000 using Tapatalk


Offline GUNHED

  • 6128 Plus
  • ******
  • Posts: 1.368
  • Country: de
  • Reincarnation of TFM
    • FutureOS - The quickest OS for the CPC and Plus
  • Liked: 770
  • Likes Given: 1643
Re: CPCWiki joins the modern era - over HTTPS!
« Reply #13 on: 15:34, 24 February 19 »
Hi Gryzor,
Thanks a lot for rushing through all that. Here it works very smooth and nice. I can't sense a difference. Also the "forum-freeze" moments seem to be less than before. Great work!  :)
http://futureos.de --> Get the revolutionary FutureOS (Recent update: 2019.08.07)
http://futureos.cpc-live.com/files/LambdaSpeak_RSX_by_TFM.zip --> Get the RSX-ROM for LambdaSpeak :-) (Updated: 2019.08.14)

Offline gerald

  • Supporter
  • 6128 Plus
  • *
  • Posts: 1.419
  • Liked: 996
  • Likes Given: 251
Re: CPCWiki joins the modern era - over HTTPS!
« Reply #14 on: 16:19, 24 February 19 »
By the way, anyone noticed any issues?
It's just me or forum links go to http instead of https :
On this thread the line : CPCWiki forum » General Category » CPCWiki Discussion ....
CPCWiki discussion links to the http version while the previous links to https
(firefox 65.0.1 64bit )

Offline ASiC

  • Supporter
  • CPC664
  • *
  • Posts: 120
  • Country: gb
  • Liked: 75
  • Likes Given: 302
Re: CPCWiki joins the modern era - over HTTPS!
« Reply #15 on: 19:14, 24 February 19 »
It's just me or forum links go to http instead of https :
On this thread the line : CPCWiki forum » General Category » CPCWiki Discussion ....
CPCWiki discussion links to the http version while the previous links to https
(firefox 65.0.1 64bit )
Yeah, some links and images need to be fixed (http://www.cpcwiki.eu/forum/logo_new_hor_sm.png, gravatar.com)

Other than that, I haven't had any issues with the forum over https
 

Offline Gryzor

  • Administrator
  • 6128 Plus
  • *****
  • Posts: 15.157
  • Country: gr
  • CPC-Wiki maintainer
    • CPCWiki
  • Liked: 2993
  • Likes Given: 5318
Re: CPCWiki joins the modern era - over HTTPS!
« Reply #16 on: 10:27, 25 February 19 »
Yeah, internal links should be fixed once https becomes default. Gravatar, though... hm, that's something different, got to see where to specify that. Thanks for the feedback guys!

Offline berks

  • CPC464
  • **
  • Posts: 8
  • Country: gb
  • Liked: 4
  • Likes Given: 8
Re: CPCWiki joins the modern era - over HTTPS!
« Reply #17 on: 14:07, 04 September 19 »
Hello CPCWiki team!


Thank you for enabling HTTPS for the site :)


Sadly, it switches back to HTTP as many of the internal links point to the HTTP version and there is no redirect to point the browser back to HTTPS.


Hopefully this is something that can be fixed :) but I understand this is not exactly a for-profit project so the resources may be limited. I would be happy to help if the team thinks that would come in handy! my background is in networking and infrastructure.

Offline Gryzor

  • Administrator
  • 6128 Plus
  • *****
  • Posts: 15.157
  • Country: gr
  • CPC-Wiki maintainer
    • CPCWiki
  • Liked: 2993
  • Likes Given: 5318
Re: CPCWiki joins the modern era - over HTTPS!
« Reply #18 on: 14:22, 04 September 19 »
Hello Berks,


You're right, it does do that. The reason is, when I installed the certificate I didn't know what problems to expect so I left http enabled as well - so links are not automatically forwarded, of course.


But, it looks like we havent met with any issues so I may as well make https the only allowed protocol :)

Offline SRS

  • Supporter
  • 6128 Plus
  • *
  • Posts: 559
  • Country: de
  • Schneider CPC464 - what else ?
  • Liked: 546
  • Likes Given: 286
Re: CPCWiki joins the modern era - over HTTPS!
« Reply #19 on: 21:07, 06 September 19 »
Is it just here ? Firefox starts to tell me its a DANGEROUS site ?
See screenshot

Offline Gryzor

  • Administrator
  • 6128 Plus
  • *****
  • Posts: 15.157
  • Country: gr
  • CPC-Wiki maintainer
    • CPCWiki
  • Liked: 2993
  • Likes Given: 5318
Re: CPCWiki joins the modern era - over HTTPS!
« Reply #20 on: 21:11, 06 September 19 »
Argh.

I changed something in the config a few minutes ago, can you check again?

This error appeared because you visited the canonical uri which auto redirected to the www part. So it carried the canonical certificate, though I have issued one for the www as well.

Got to think it through, but my mind right now is more like a mushed potato after 10 hours in Excel.

Offline SRS

  • Supporter
  • 6128 Plus
  • *
  • Posts: 559
  • Country: de
  • Schneider CPC464 - what else ?
  • Liked: 546
  • Likes Given: 286
Re: CPCWiki joins the modern era - over HTTPS!
« Reply #21 on: 22:29, 06 September 19 »
logging out , relaodaing firefox, and .. nope:
https://cpcwiki.eu/index.php/Main_Page not working
https://cpcwiki.eu/ not working
https://www.cpcwiki.eu/ -> working

« Last Edit: 22:36, 06 September 19 by SRS »

Offline Gryzor

  • Administrator
  • 6128 Plus
  • *****
  • Posts: 15.157
  • Country: gr
  • CPC-Wiki maintainer
    • CPCWiki
  • Liked: 2993
  • Likes Given: 5318
Re: CPCWiki joins the modern era - over HTTPS!
« Reply #22 on: 10:51, 07 September 19 »
Yeah, I don't know why... It's what I said before, but why doesn't it read the certificate?

Offline Nich

  • Supporter
  • 6128 Plus
  • *
  • Posts: 685
  • Country: gb
  • CPC Game Reviews webmaster
    • CPC Game Reviews
  • Liked: 523
  • Likes Given: 647
Re: CPCWiki joins the modern era - over HTTPS!
« Reply #23 on: 11:17, 07 September 19 »
Yeah, I don't know why... It's what I said before, but why doesn't it read the certificate?

I get the same error in Firefox 69.0:

"Web sites prove their identity via certificates. Firefox does not trust this site because it uses a certificate that is not valid for cpcwiki.eu. The certificate is only valid for www.cpcwiki.eu.
 
Error code: SSL_ERROR_BAD_CERT_DOMAIN"

Offline Gryzor

  • Administrator
  • 6128 Plus
  • *****
  • Posts: 15.157
  • Country: gr
  • CPC-Wiki maintainer
    • CPCWiki
  • Liked: 2993
  • Likes Given: 5318
Re: CPCWiki joins the modern era - over HTTPS!
« Reply #24 on: 14:20, 07 September 19 »
Will have to check my redirects... Do you see this on the wiki, the forum or both?