So, it had to happen of course at some point.
Thanks to the nagging (and help!) of @ASiC (http://www.cpcwiki.eu/forum/index.php?action=profile;u=22) we switched over to HTTPS.
To be more precise, we enabled HTTPS, but traffic is not automatically redirected to it just yet. You can access the new, improved and secure site by manually using https:// in front of the address or you can continue using the old, bleh, meh, full of insecurities site as usual.
I will default the site and redirect all traffic once it's made clear that there are no issues, so please, please, any feedback on the secure version is more than welcome.
I'm aware that the forum does not qualify as fully secure yet because of some over-http references that I'll have to change, but otherwise things look fine.
Cheers
T
Question, what is the importance of encrypting traffic on a site like this ? It isnt my bank afterall and I've not been concerned is someone intercepts a message about a 30 year old computer :)
Well, risk is minimal I'd say. Security-wise you risk exposing your password if someone targets the wiki and if you use the same one elsewhere it's going to be a problem. Also Paypal has issues with http referrers but that only kind of affects people trying to donate.
All in all, that's why I put it off for so long - it wasn't really *needed* from a security point of view. More important is what Google thinks of you, I'd say, since it demotes non-secure sites.
Oh, I forgot to mention, I had to remove the Topsites button because it was being served over HTTP.
Cool thanks, yeah I think you are right about Google. Does the software encrypt and compress, with modern computers having so much grunt you think it would be easy to do that to reduce traffic.
Yes, our server has gzip enabled, but this works well mainly with code, not images. There are savings to be had, but nothing earth shattering.
Quote from: Gryzor on 09:46, 23 February 19
More important is what Google thinks of you, I'd say, since it demotes non-secure sites.
My biased understanding was that Google pushed https (and demoted http) only to prevent site owner to do any useful analytic, and push them to use google tools instead :-X
Like they promote web page that start with a big full screen illustration just to check that the user scroll down to see any valuable info. Something called engagement ... and a mean to check you're not a robot and mark served ads as viewed by a human.
Getting sick of having to pass Turing test on all those Google tailored web pages.
But hey, https on cpcwiki is a good thing, at least for password protection :)
Not really, analytics and all other services work fine without https to this day. That was part of the 'better web'initiative of theirs and nobody said anything bad about it, to be honest...
Sent from my ONEPLUS A6000 using Tapatalk
It complains that the site is not fully secure and someone could see the images I'm watching and modify them.
Quote from: robcfg on 15:31, 23 February 19
It complains that the site is not fully secure and someone could see the images I'm watching and modify them.
Yes, I mentioned that in my first post [emoji4] I'll fix it soon!
Sent from my ONEPLUS A6000 using Tapatalk
Quote from: Gryzor on 08:29, 23 February 19
Thanks to the nagging (and help!) of @ASiC (http://www.cpcwiki.eu/forum/index.php?action=profile;u=22)
;D ;D :P
Cheers bud!
Quote from: tjohnson on 09:23, 23 February 19
Question, what is the importance of encrypting traffic on a site like this ? It isnt my bank afterall and I've not been concerned is someone intercepts a message about a 30 year old computer :)
Site indexing will be worse (Google and friends stopped indexing non-HTTPS sites a while ago AFAIK - even my personal page uses HTTPS) ;)
Not, not yet at least, they're still indexing, but you get a ranking penalty...
Sent from my ONEPLUS A6000 using Tapatalk
By the way, anyone noticed any issues?
Sent from my ONEPLUS A6000 using Tapatalk
Hi Gryzor,
Thanks a lot for rushing through all that. Here it works very smooth and nice. I can't sense a difference. Also the "forum-freeze" moments seem to be less than before. Great work! :)
Quote from: Gryzor on 05:29, 24 February 19
By the way, anyone noticed any issues?
It's just me or forum links go to http instead of https :
On this thread the line : CPCWiki forum » General Category » CPCWiki Discussion ....
CPCWiki discussion links to the http version while the previous links to https
(firefox 65.0.1 64bit )
Quote from: gerald on 15:19, 24 February 19
It's just me or forum links go to http instead of https :
On this thread the line : CPCWiki forum » General Category » CPCWiki Discussion ....
CPCWiki discussion links to the http version while the previous links to https
(firefox 65.0.1 64bit )
Yeah, some links and images need to be fixed (http://www.cpcwiki.eu/forum/logo_new_hor_sm.png, gravatar.com)
Other than that, I haven't had any issues with the forum over https
Yeah, internal links should be fixed once https becomes default. Gravatar, though... hm, that's something different, got to see where to specify that. Thanks for the feedback guys!
Hello CPCWiki team!
Thank you for enabling HTTPS for the site :)
Sadly, it switches back to HTTP as many of the internal links point to the HTTP version and there is no redirect to point the browser back to HTTPS.
Hopefully this is something that can be fixed :) but I understand this is not exactly a for-profit project so the resources may be limited. I would be happy to help if the team thinks that would come in handy! my background is in networking and infrastructure.
Hello Berks,
You're right, it does do that. The reason is, when I installed the certificate I didn't know what problems to expect so I left http enabled as well - so links are not automatically forwarded, of course.
But, it looks like we havent met with any issues so I may as well make https the only allowed protocol :)
Is it just here ? Firefox starts to tell me its a DANGEROUS site ?
See screenshot
Argh.
I changed something in the config a few minutes ago, can you check again?
This error appeared because you visited the canonical uri which auto redirected to the www part. So it carried the canonical certificate, though I have issued one for the www as well.
Got to think it through, but my mind right now is more like a mushed potato after 10 hours in Excel.
logging out , relaodaing firefox, and .. nope:
https://cpcwiki.eu/index.php/Main_Page not working
https://cpcwiki.eu/ not working
https://www.cpcwiki.eu/ -> working
Yeah, I don't know why... It's what I said before, but why doesn't it read the certificate?
Quote from: Gryzor on 08:51, 07 September 19
Yeah, I don't know why... It's what I said before, but why doesn't it read the certificate?
I get the same error in Firefox 69.0:
"Web sites prove their identity via certificates. Firefox does not trust this site because it uses a certificate that is not valid for cpcwiki.eu. The certificate is only valid for www.cpcwiki.eu.
Error code: SSL_ERROR_BAD_CERT_DOMAIN"
Will have to check my redirects... Do you see this on the wiki, the forum or both?
Quote from: Gryzor on 12:20, 07 September 19
Will have to check my redirects... Do you see this on the wiki, the forum or both?
I see it on both the wiki and the forum.
Yeah, I see it too, though not with all browsers (go figure). Not sure why it doesn't read the certificate of the target domain. I'll try setting up an alias in Apache, unless someone's got a better idea?
Still - or again ? - having issues with firefox and page. Will update firefox now and re-check.
Didn't help ...
http://cpcwiki.eu/index.php/Main_Page
Websites bestätigen ihre Identität mittels Zertifikaten. Firefox vertraut dieser Website nicht, weil das von der Website verwendete Zertifikat nicht für cpcwiki.eu gilt. Das Zertifikat ist nur gültig für www.cpcwiki.eu (http://www.cpcwiki.eu).
Fehlercode: SSL_ERROR_BAD_CERT_DOMAIN
Zertifikat anzeigen
Still troubles with firefox :)
Hello there,
Haven't forgotten about this. I just managed to fix an issue with auto-forwarding in the forum, but I'm still scratching my head on the issue you're reporting... :(