Web site not using TLS/HTTPS
This site doesn't use encryption, even for the sign in. My password manager complains bitterly about it.
I've gone to total encryption for the sites I manage. One hosting company I use (canadianwebhosting) offers them for free (I think it's actually cpanel that sets it up). You can also get free certificates from Let's Encrypt.
Re: Web site not using TLS/HTTPS
I noticed that long ago but I don't have any important information on here, so it doesn't matter.
But it could create problems for the site managers.
Re: Web site not using TLS/HTTPS
Google is pushing for encryption of all sites and down ranks sites that are open. It's also about the data. ISPs (like Shaw and Telus) monitor your browsing and sell the data to advertisers which competes with how Google makes their money.
Re: Web site not using TLS/HTTPS
Quote:
Originally Posted by
Gun Dog
Google is pushing for encryption of all sites and down ranks sites that are open. It's also about the data. ISPs (like Shaw and Telus) monitor your browsing and sell the data to advertisers which competes with how Google makes their money.
Yes but https adds considerable overhead and cost to HTTP.
I am personally not for encrypting information that doesn't need encryption.
Re: Web site not using TLS/HTTPS
Quote:
Originally Posted by
adriaticum
Yes but https adds considerable overhead and cost to HTTP.
I am personally not for encrypting information that doesn't need encryption.
There is no insignificant overhead for HTTPS.
And you can get free certificates now using Let's Encrypt.
Last I checked HBC runs Linux with a cPanel front end if I recall correctly.
It would involve running a couple of commands to install certbot, generate the certificate, adding a TXT record to the DNS for validation... then copy and paste the certificate key into the SSL Wizard in cPanel... DONE. An .htaccess mod_rewrite entry could even automatically convert HTTP to HTTPS for any existing / hard coded links.
This would protect from people from intercepting passwords, reading other peoples PM's, particularly on public networks. It would also significantly boost search engine ranking.
Re: Web site not using TLS/HTTPS
Quote:
Originally Posted by
caddisguy
There is no insignificant overhead for HTTPS.
And you can get free certificates now using Let's Encrypt.
Last I checked HBC runs Linux with a cPanel front end if I recall correctly.
It would involve running a couple of commands to install certbot, generate the certificate, adding a TXT record to the DNS for validation... then copy and paste the certificate key into the SSL Wizard in cPanel... DONE. An .htaccess mod_rewrite entry could even automatically convert HTTP to HTTPS for any existing / hard coded links.
This would protect from people from intercepting passwords, reading other peoples PM's, particularly on public networks. It would also significantly boost search engine ranking.
is it just me.............i have no idea what any of that means..............
none
nada
Re: Web site not using TLS/HTTPS
Re: Web site not using TLS/HTTPS
Quote:
Originally Posted by
whognu
is it just me.............i have no idea what any of that means..............
none
nada
That's ok. Been doing this stuff on a daily basis, multiple times a day for 22 years, so my nerd speak is strong.
Re: Web site not using TLS/HTTPS
Quote:
Originally Posted by
caddisguy
That's ok. Been doing this stuff on a daily basis, multiple times a day for 22 years, so my nerd speak is strong.
fair enough............my wife thinks i am good at something
she just can't put her finger on what it might be...................
xo
Re: Web site not using TLS/HTTPS
Geeeezzzz. What the heck are you guys talking about ? Maybe one of you tech gurus could dumb that down a WHOLE bunch and put it in layman’s terms so us challenged fellas could at least make an attempt to understand !
Thanks
Arctic Lake
Quote:
Originally Posted by
whognu
is it just me.............i have no idea what any of that means..............
none
nada