CPCWiki forum

General Category => CPCWiki Discussion => Topic started by: Gryzor on 09:29, 23 February 19

Title: CPCWiki joins the modern era - over HTTPS!
Post by: Gryzor on 09:29, 23 February 19
So, it had to happen of course at some point.


Thanks to the nagging (and help!) of @ASiC (http://www.cpcwiki.eu/forum/index.php?action=profile;u=22) we switched over to HTTPS.


To be more precise, we enabled HTTPS, but traffic is not automatically redirected to it just yet. You can access the new, improved and secure site by manually using https:// in front of the address or you can continue using the old, bleh, meh, full of insecurities site as usual.


I will default the site and redirect all traffic once it's made clear that there are no issues, so please, please, any feedback on the secure version is more than welcome.


I'm aware that the forum does not qualify as fully secure yet because of some over-http references that I'll have to change, but otherwise things look fine.


Cheers
T
Title: Re: CPCWiki joins the modern era - over HTTPS!
Post by: tjohnson on 10:23, 23 February 19
Question, what is the importance of encrypting traffic on a site like this ?  It isnt my bank afterall and I've not been concerned is someone intercepts a message about a 30 year old computer :)
Title: Re: CPCWiki joins the modern era - over HTTPS!
Post by: Gryzor on 10:46, 23 February 19
Well, risk is minimal I'd say. Security-wise you risk exposing your password if someone targets the wiki and if you use the same one elsewhere it's going to be a problem. Also Paypal has issues with http referrers but that only kind of affects people trying to donate.


All in all, that's why I put it off for so long - it wasn't really *needed* from a security point of view. More important is what Google thinks of you, I'd say, since it demotes non-secure sites.


Oh, I forgot to mention, I had to remove the Topsites button because it was being served over HTTP.
Title: Re: CPCWiki joins the modern era - over HTTPS!
Post by: tjohnson on 12:11, 23 February 19
Cool thanks, yeah I think you are right about Google.  Does the software encrypt and compress, with modern computers having so much grunt you think it would be easy to do that to reduce traffic.
Title: Re: CPCWiki joins the modern era - over HTTPS!
Post by: Gryzor on 12:41, 23 February 19
Yes, our server has gzip enabled, but this works well mainly with code, not images. There are savings to be had, but nothing earth shattering.
Title: Re: CPCWiki joins the modern era - over HTTPS!
Post by: gerald on 13:59, 23 February 19
More important is what Google thinks of you, I'd say, since it demotes non-secure sites.
My biased understanding was that Google pushed https (and demoted http) only to prevent site owner to do any useful analytic, and push them to use google tools instead  :-X
Like they promote web page that start with a big full screen illustration just to check that the user scroll down to see any valuable info. Something called engagement ... and a mean to check you're not a robot and mark served ads as viewed by a human.
Getting sick of having to pass Turing test on all those Google tailored web pages.

But hey, https on cpcwiki is a good thing, at least for password protection  :)
Title: Re: CPCWiki joins the modern era - over HTTPS!
Post by: Gryzor on 14:02, 23 February 19
Not really, analytics and all other services work fine without https to this day. That was part of the 'better web'initiative of theirs and nobody said anything bad about it, to be honest...

Sent from my ONEPLUS A6000 using Tapatalk

Title: Re: CPCWiki joins the modern era - over HTTPS!
Post by: robcfg on 16:31, 23 February 19
It complains that the site is not fully secure and someone could see the images I'm watching and modify them.
Title: Re: CPCWiki joins the modern era - over HTTPS!
Post by: Gryzor on 18:31, 23 February 19
It complains that the site is not fully secure and someone could see the images I'm watching and modify them.
Yes, I mentioned that in my first post [emoji4] I'll fix it soon!

Sent from my ONEPLUS A6000 using Tapatalk

Title: Re: CPCWiki joins the modern era - over HTTPS!
Post by: ASiC on 00:52, 24 February 19
Thanks to the nagging (and help!) of @ASiC (http://www.cpcwiki.eu/forum/index.php?action=profile;u=22)


 ;D ;D :P


Cheers bud!
Title: Re: CPCWiki joins the modern era - over HTTPS!
Post by: LambdaMikel on 04:46, 24 February 19
Question, what is the importance of encrypting traffic on a site like this ?  It isnt my bank afterall and I've not been concerned is someone intercepts a message about a 30 year old computer :)
Site indexing will be worse (Google and friends stopped indexing non-HTTPS sites a while ago AFAIK - even my personal page uses HTTPS)  ;)
Title: Re: CPCWiki joins the modern era - over HTTPS!
Post by: Gryzor on 06:28, 24 February 19
Not, not yet at least, they're still indexing, but you get a ranking penalty...

Sent from my ONEPLUS A6000 using Tapatalk

Title: Re: CPCWiki joins the modern era - over HTTPS!
Post by: Gryzor on 06:29, 24 February 19
By the way, anyone noticed any issues?

Sent from my ONEPLUS A6000 using Tapatalk

Title: Re: CPCWiki joins the modern era - over HTTPS!
Post by: GUNHED on 15:34, 24 February 19
Hi Gryzor,
Thanks a lot for rushing through all that. Here it works very smooth and nice. I can't sense a difference. Also the "forum-freeze" moments seem to be less than before. Great work!  :)
Title: Re: CPCWiki joins the modern era - over HTTPS!
Post by: gerald on 16:19, 24 February 19
By the way, anyone noticed any issues?
It's just me or forum links go to http instead of https :
On this thread the line : CPCWiki forum » General Category » CPCWiki Discussion ....
CPCWiki discussion links to the http version while the previous links to https
(firefox 65.0.1 64bit )
Title: Re: CPCWiki joins the modern era - over HTTPS!
Post by: ASiC on 19:14, 24 February 19
It's just me or forum links go to http instead of https :
On this thread the line : CPCWiki forum » General Category » CPCWiki Discussion ....
CPCWiki discussion links to the http version while the previous links to https
(firefox 65.0.1 64bit )
Yeah, some links and images need to be fixed (http://www.cpcwiki.eu/forum/logo_new_hor_sm.png, gravatar.com)

Other than that, I haven't had any issues with the forum over https
 
Title: Re: CPCWiki joins the modern era - over HTTPS!
Post by: Gryzor on 10:27, 25 February 19
Yeah, internal links should be fixed once https becomes default. Gravatar, though... hm, that's something different, got to see where to specify that. Thanks for the feedback guys!
Title: Re: CPCWiki joins the modern era - over HTTPS!
Post by: berks on 14:07, 04 September 19
Hello CPCWiki team!


Thank you for enabling HTTPS for the site :)


Sadly, it switches back to HTTP as many of the internal links point to the HTTP version and there is no redirect to point the browser back to HTTPS.


Hopefully this is something that can be fixed :) but I understand this is not exactly a for-profit project so the resources may be limited. I would be happy to help if the team thinks that would come in handy! my background is in networking and infrastructure.
Title: Re: CPCWiki joins the modern era - over HTTPS!
Post by: Gryzor on 14:22, 04 September 19
Hello Berks,


You're right, it does do that. The reason is, when I installed the certificate I didn't know what problems to expect so I left http enabled as well - so links are not automatically forwarded, of course.


But, it looks like we havent met with any issues so I may as well make https the only allowed protocol :)
Title: Re: CPCWiki joins the modern era - over HTTPS!
Post by: SRS on 21:07, 06 September 19
Is it just here ? Firefox starts to tell me its a DANGEROUS site ?
See screenshot
Title: Re: CPCWiki joins the modern era - over HTTPS!
Post by: Gryzor on 21:11, 06 September 19
Argh.

I changed something in the config a few minutes ago, can you check again?

This error appeared because you visited the canonical uri which auto redirected to the www part. So it carried the canonical certificate, though I have issued one for the www as well.

Got to think it through, but my mind right now is more like a mushed potato after 10 hours in Excel.
Title: Re: CPCWiki joins the modern era - over HTTPS!
Post by: SRS on 22:29, 06 September 19
logging out , relaodaing firefox, and .. nope:
https://cpcwiki.eu/index.php/Main_Page not working
https://cpcwiki.eu/ not working
https://www.cpcwiki.eu/ -> working

Title: Re: CPCWiki joins the modern era - over HTTPS!
Post by: Gryzor on 10:51, 07 September 19
Yeah, I don't know why... It's what I said before, but why doesn't it read the certificate?
Title: Re: CPCWiki joins the modern era - over HTTPS!
Post by: Nich on 11:17, 07 September 19
Yeah, I don't know why... It's what I said before, but why doesn't it read the certificate?

I get the same error in Firefox 69.0:

"Web sites prove their identity via certificates. Firefox does not trust this site because it uses a certificate that is not valid for cpcwiki.eu. The certificate is only valid for www.cpcwiki.eu.
 
Error code: SSL_ERROR_BAD_CERT_DOMAIN"
Title: Re: CPCWiki joins the modern era - over HTTPS!
Post by: Gryzor on 14:20, 07 September 19
Will have to check my redirects... Do you see this on the wiki, the forum or both?
Title: Re: CPCWiki joins the modern era - over HTTPS!
Post by: Nich on 00:21, 08 September 19
Will have to check my redirects... Do you see this on the wiki, the forum or both?

I see it on both the wiki and the forum.
Title: Re: CPCWiki joins the modern era - over HTTPS!
Post by: Gryzor on 13:00, 09 September 19
Yeah, I see it too, though not with all browsers (go figure). Not sure why it doesn't read the certificate of the target domain. I'll try setting up an alias in Apache, unless someone's got a better idea?
Title: Re: CPCWiki joins the modern era - over HTTPS!
Post by: SRS on 21:56, 12 October 19
Still - or again ? - having issues with firefox and page. Will update firefox now and re-check.
Title: Re: CPCWiki joins the modern era - over HTTPS!
Post by: SRS on 21:58, 12 October 19
Didn't help ...
http://cpcwiki.eu/index.php/Main_Page
Websites bestätigen ihre Identität mittels Zertifikaten. Firefox vertraut dieser Website nicht, weil das von der Website verwendete Zertifikat nicht für cpcwiki.eu gilt. Das Zertifikat ist nur gültig für www.cpcwiki.eu (http://www.cpcwiki.eu).
 
Fehlercode: SSL_ERROR_BAD_CERT_DOMAIN
 
Zertifikat anzeigen
Title: Re: CPCWiki joins the modern era - over HTTPS!
Post by: SRS on 21:14, 15 November 19
Still troubles with firefox :)
Title: Re: CPCWiki joins the modern era - over HTTPS!
Post by: Gryzor on 10:36, 16 January 20
Hello there,

Haven't forgotten about this. I just managed to fix an issue with auto-forwarding in the forum, but I'm still scratching my head on the issue you're reporting... :(