just obvious request [https/SSL for forum?]

Got any ideas on how to improve the board? Let us know here!

Moderator: Jake

User avatar
sexcuir
VIP
Posts: 659
Joined: Wed Mar 30, 2011 10:08 am
Has thanked: 11 times
Been thanked: 84 times
Contact:

just obvious request [https/SSL for forum?]

Post by sexcuir »

hello rom could have somme https verybody would be protected 8D
Last edited by SexySurgical on Mon Jun 18, 2018 10:57 am, edited 1 time in total.
Reason: []
User avatar
Rommeltje
The man in charge
Posts: 13020
Joined: Sat Nov 20, 2010 10:14 pm
Location: Amsterdam
Has thanked: 1343 times
Been thanked: 803 times
Contact:

Re: just obvious request [https/SSL for forum?]

Post by Rommeltje »

We've had that discussion among the moderators, and this was the conclusion:
Rommeltje wrote:We can't. We'd have to switch from shared to dedicated hosting in order to that, and buy a certificate, which would up our costs considerably. I don't think we're enough at risk to make it worth that.
User avatar
SexySurgical
Rommeltje's Deputy
Posts: 11821
Joined: Wed Nov 24, 2010 1:04 am
Location: Dutchieland
Has thanked: 1956 times
Been thanked: 402 times
Contact:

Re: just obvious request [https/SSL for forum?]

Post by SexySurgical »

Details that really need to be protected, like bank details and addresses, can always be sent via e-mail, assuming enough trust has been built in previous communications.
Tpt35
Occasional poster
Posts: 14
Joined: Fri Oct 03, 2014 3:21 am

Re: just obvious request [https/SSL for forum?]

Post by Tpt35 »

Okay, I want to make everyone understand that without SSL everything on this site including usernames and passwords are sent to the hosting server in plaintext. At the moment a malicious attacker can eavesdrop everything. I suggest that we use SSL encryption from the Let'sEncrypt organization (https://letsencrypt.org/). It is free and extremely easy to setup. Please take note in the companies that sponsor it. We all want a safer and secure Internet.
User avatar
SexySurgical
Rommeltje's Deputy
Posts: 11821
Joined: Wed Nov 24, 2010 1:04 am
Location: Dutchieland
Has thanked: 1956 times
Been thanked: 402 times
Contact:

Re: just obvious request [https/SSL for forum?]

Post by SexySurgical »

Agreed, we'll need to point that out more, our equipment and such is very functional, but not exactly brand new top notch.
Tpt35 wrote:Okay, I want to make everyone understand that without SSL everything on this site including usernames and passwords are sent to the hosting server in plaintext. At the moment a malicious attacker can eavesdrop everything. I suggest that we use SSL encryption from the Let'sEncrypt organization (https://letsencrypt.org/). It is free and extremely easy to setup. Please take note in the companies that sponsor it. We all want a safer and secure Internet.
Thanks for your participation and consideration!
rook
Occasional poster
Posts: 14
Joined: Tue Jun 11, 2013 10:17 pm
Location: Dutchieland
Been thanked: 3 times

Re: just obvious request [https/SSL for forum?]

Post by rook »

I do host some website's for other people on my VPS, with Directadmin.

I don't know who told you that you have to switch from shared to dedicated, but i have several domains/users who use the Let's Encrypt method to activate SSL.

Send me an message if you need more information.
User avatar
Rommeltje
The man in charge
Posts: 13020
Joined: Sat Nov 20, 2010 10:14 pm
Location: Amsterdam
Has thanked: 1343 times
Been thanked: 803 times
Contact:

Re: just obvious request [https/SSL for forum?]

Post by Rommeltje »

rook wrote:I don't know who told you that you have to switch from shared to dedicated, but i have several domains/users who use the Let's Encrypt method to activate SSL.
Googling it again, I think I got some outdated info.

I've tried something that should work (Cloudflare). if not, I'll send you a PM. If so, we'll be on https from now on.

Thanks for your reply!
User avatar
Rommeltje
The man in charge
Posts: 13020
Joined: Sat Nov 20, 2010 10:14 pm
Location: Amsterdam
Has thanked: 1343 times
Been thanked: 803 times
Contact:

Re: just obvious request [https/SSL for forum?]

Post by Rommeltje »

Attempt 1: failed.
7981878523
Occasional poster
Posts: 6
Joined: Wed Jan 30, 2019 12:53 am
Has thanked: 3 times
Been thanked: 3 times

Re: just obvious request [https/SSL for forum?]

Post by 7981878523 »

I second this, SSL support today si a must. Let's Encrypt makes it easy for any Unix-like server out there.

About the synchronization error, if you use a load balancer/s to spread the load into the servers, (and to avoid malicious atempts from botnets), you must add the cert to that/these machine/s.
User avatar
SexySurgical
Rommeltje's Deputy
Posts: 11821
Joined: Wed Nov 24, 2010 1:04 am
Location: Dutchieland
Has thanked: 1956 times
Been thanked: 402 times
Contact:

Re: just obvious request [https/SSL for forum?]

Post by SexySurgical »

I believe we do not have that much access to our shared hosting server.
7981878523 wrote: Fri Feb 01, 2019 3:17 am I second this, SSL support today si a must. Let's Encrypt makes it easy for any Unix-like server out there.

About the synchronization error, if you use a load balancer/s to spread the load into the servers, (and to avoid malicious atempts from botnets), you must add the cert to that/these machine/s.
Post Reply

Return to “Forum Suggestions”