just obvious request [https/SSL for forum?]
Moderator: Jake
- sexcuir
- VIP
- Posts: 659
- Joined: Wed Mar 30, 2011 10:08 am
- Has thanked: 11 times
- Been thanked: 84 times
- Contact:
just obvious request [https/SSL for forum?]
hello rom could have somme https verybody would be protected
Last edited by SexySurgical on Mon Jun 18, 2018 10:57 am, edited 1 time in total.
Reason: []
Reason: []
- Rommeltje
- The man in charge
- Posts: 13068
- Joined: Sat Nov 20, 2010 10:14 pm
- Location: Amsterdam
- Has thanked: 1355 times
- Been thanked: 836 times
- Contact:
Re: just obvious request [https/SSL for forum?]
We've had that discussion among the moderators, and this was the conclusion:
Rommeltje wrote:We can't. We'd have to switch from shared to dedicated hosting in order to that, and buy a certificate, which would up our costs considerably. I don't think we're enough at risk to make it worth that.
- SexySurgical
- Rommeltje's Deputy
- Posts: 11868
- Joined: Wed Nov 24, 2010 1:04 am
- Location: Dutchieland
- Has thanked: 2018 times
- Been thanked: 408 times
- Contact:
Re: just obvious request [https/SSL for forum?]
Details that really need to be protected, like bank details and addresses, can always be sent via e-mail, assuming enough trust has been built in previous communications.
-
- Occasional poster
- Posts: 14
- Joined: Fri Oct 03, 2014 3:21 am
Re: just obvious request [https/SSL for forum?]
Okay, I want to make everyone understand that without SSL everything on this site including usernames and passwords are sent to the hosting server in plaintext. At the moment a malicious attacker can eavesdrop everything. I suggest that we use SSL encryption from the Let'sEncrypt organization (https://letsencrypt.org/). It is free and extremely easy to setup. Please take note in the companies that sponsor it. We all want a safer and secure Internet.
- SexySurgical
- Rommeltje's Deputy
- Posts: 11868
- Joined: Wed Nov 24, 2010 1:04 am
- Location: Dutchieland
- Has thanked: 2018 times
- Been thanked: 408 times
- Contact:
Re: just obvious request [https/SSL for forum?]
Agreed, we'll need to point that out more, our equipment and such is very functional, but not exactly brand new top notch.
Thanks for your participation and consideration!Tpt35 wrote:Okay, I want to make everyone understand that without SSL everything on this site including usernames and passwords are sent to the hosting server in plaintext. At the moment a malicious attacker can eavesdrop everything. I suggest that we use SSL encryption from the Let'sEncrypt organization (https://letsencrypt.org/). It is free and extremely easy to setup. Please take note in the companies that sponsor it. We all want a safer and secure Internet.
-
- Occasional poster
- Posts: 14
- Joined: Tue Jun 11, 2013 10:17 pm
- Location: Dutchieland
- Been thanked: 3 times
Re: just obvious request [https/SSL for forum?]
I do host some website's for other people on my VPS, with Directadmin.
I don't know who told you that you have to switch from shared to dedicated, but i have several domains/users who use the Let's Encrypt method to activate SSL.
Send me an message if you need more information.
I don't know who told you that you have to switch from shared to dedicated, but i have several domains/users who use the Let's Encrypt method to activate SSL.
Send me an message if you need more information.
- Rommeltje
- The man in charge
- Posts: 13068
- Joined: Sat Nov 20, 2010 10:14 pm
- Location: Amsterdam
- Has thanked: 1355 times
- Been thanked: 836 times
- Contact:
Re: just obvious request [https/SSL for forum?]
Googling it again, I think I got some outdated info.rook wrote:I don't know who told you that you have to switch from shared to dedicated, but i have several domains/users who use the Let's Encrypt method to activate SSL.
I've tried something that should work (Cloudflare). if not, I'll send you a PM. If so, we'll be on https from now on.
Thanks for your reply!
- Rommeltje
- The man in charge
- Posts: 13068
- Joined: Sat Nov 20, 2010 10:14 pm
- Location: Amsterdam
- Has thanked: 1355 times
- Been thanked: 836 times
- Contact:
-
- Occasional poster
- Posts: 6
- Joined: Wed Jan 30, 2019 12:53 am
- Has thanked: 3 times
- Been thanked: 3 times
Re: just obvious request [https/SSL for forum?]
I second this, SSL support today si a must. Let's Encrypt makes it easy for any Unix-like server out there.
About the synchronization error, if you use a load balancer/s to spread the load into the servers, (and to avoid malicious atempts from botnets), you must add the cert to that/these machine/s.
About the synchronization error, if you use a load balancer/s to spread the load into the servers, (and to avoid malicious atempts from botnets), you must add the cert to that/these machine/s.
- SexySurgical
- Rommeltje's Deputy
- Posts: 11868
- Joined: Wed Nov 24, 2010 1:04 am
- Location: Dutchieland
- Has thanked: 2018 times
- Been thanked: 408 times
- Contact:
Re: just obvious request [https/SSL for forum?]
I believe we do not have that much access to our shared hosting server.
7981878523 wrote: ↑Fri Feb 01, 2019 3:17 am I second this, SSL support today si a must. Let's Encrypt makes it easy for any Unix-like server out there.
About the synchronization error, if you use a load balancer/s to spread the load into the servers, (and to avoid malicious atempts from botnets), you must add the cert to that/these machine/s.