Author Topic: Has there been any thought of upgrading the site to utilize HTTPS ?  (Read 243 times)

0 Members and 1 Guest are viewing this topic.

Offline Headless Death

  • Of the Nexus
  • ***
  • Posts: 575
  • Karma: 4
  • Gender: Male
  • u/QuartetGhent
With the encouragement over the last few years by large players like Google, Mozilla, Cisco, and such to have more websites convert to HTTPS, has a conversion at any point been considered?

For example, the W3C encourages more sites to convert. Info Here

One setback I can see is the incompatibility with out of date platforms like Windows XP prior to SP3.  But a vast majority of people are going to be using compatible browsers so I don't think this is that much of an issue. 

Another Could be cost, with many sites asking to $50-150 for certificates.  But a solution to this could be Let's Encrypt, which offers Domain Verification certificates for free by being sponsored by a large list of the big internet players.

And I suppose the largest hurdle to them all would be time to look into how to implement on your site, and which URLs may need to be updated to have that added 's'.  The most I can find related to the SMF platform is from this thread on their board.  Another consideration is the DV certificates provided by Let's Encrypt expire every 90 days, so they suggest renewing the certificate automatically every 60 days. 

I can easily see this something that may take time to implement, and may not be done with how life typically gets in the way of side projects like this.  I mostly bring this up because I'm hoping to no longer see the not secured warning when looking at SK.net. :guts:

Offline Aazealh

  • 髑髏の騎士
  • Administrator
  • Of Terror
  • *****
  • Posts: 18453
  • Karma: 643
  • Gender: Male
  • そうはいかぬ
Re: Has there been any thought of upgrading the site to utilize HTTPS ?
« Reply #1 on: December 14, 2017, 04:53:18 PM »
The website already supports HTTPS.

Offline Headless Death

  • Of the Nexus
  • ***
  • Posts: 575
  • Karma: 4
  • Gender: Male
  • u/QuartetGhent
Re: Has there been any thought of upgrading the site to utilize HTTPS ?
« Reply #2 on: December 14, 2017, 06:22:17 PM »
Okay, that's good. :serpico:  I've noticed that it can depend on how you navigate to SK.net.  If I type "skullknight.net" it in IE, then it leads to the unsecure version.  In Chrome it leads to the Secure Version.  In Firefox the unsecured Version.  If you search in google, it leads to the secured version, although if using Bing it leads to the unsecured.

Another thing I noticed, is if you go into the forum from the landing page, you are taken to the unsecure version regardless if you are on the secure or unsecure version of the landing page.  I figure this is that time consuming part I mentioned before where it can take a while before finding all the forgotten references to the HTTP without the 'S'.

Would it be possible to put in a script to default to the use of HTTPS?