https / ssl - any thoughts?

Discussion in 'Forum Information' started by Alex, Apr 6, 2014.

  1. Alex

    Alex crf250l.org dude

    Messages:
    639
    Hi all -

    I recently upgraded one of my other forums to serve everything through SSL connections, rather than in the clear. Most forums don't run with SSL, as the data isn't terribly confidential, and it does add some performance overhead. But lately, more and more social media sites have gone in that direction. (facebook is now full ssl, gmail went awhile back, etc.). So - would people be interested in it for this site as well? Or does it not matter terribly? Also - would be interesting to know if moving to SSL would in fact be a pain for anyone (using older browsers, primarily mobile on slow connections, etc.).
     
  2. captain canuck

    captain canuck Member

    Messages:
    65
    I don't see why not, better to migrate to a new system now when the site is still growing exponentially rather than later when there's thousands upon thousands of users.
     
  3. Alex

    Alex crf250l.org dude

    Messages:
    639
    My thoughts as well. Adding SSL wouldn't change much in terms of the system here, everything would look the same (except for a lock next to the url in the top of the screen). The only potential downsides are that some really old browsers might have issues, but they already have issues on many existing sites anyway.
     
    captain canuck likes this.
  4. Alex

    Alex crf250l.org dude

    Messages:
    639
    All set! I did all my learning over the weekend with the other site, so it was a piece of cake to duplicate that work and get it running quickly here. Shouldn't notice much different, other than the green lock in most browsers, and all urls now starting with https:// instead of http:// :thumbup:
     
    captain canuck likes this.
  5. Alex

    Alex crf250l.org dude

    Messages:
    639
    Well that was silly! I was wondering why nobody was visiting all day, and realized I hadn't opened the port up correctly for https. I didn't realize the problem because I have some specific firewall rules from my own boxes to these servers, so it wasn't immediately apparent that it was broken for everyone *but* me. All should be well at this point...
     
  6. Alex

    Alex crf250l.org dude

    Messages:
    639
    I know there is quite a bit of excitement this week about the "heartbleed" SSL bug on the internet. I updated the OpenSSL libraries Monday night right after the Centos updates were released.

    The timing for us is pretty amazing, actually. I created the cert only after this bug was fixed, so there was no remediation necessary here. Which is much easier than compared to any other site that had SSL up and running before, say, early this morning. :)

    If you'd like to test this site (or any other SSL site), here's the most prominent testing site for heartbleed I've been seeing referenced:

    http://filippo.io/Heartbleed/
     
  7. captain canuck

    captain canuck Member

    Messages:
    65
    Very nice :D have you thought about working with a mobile app dev to make a mobile app sort of like the TT app for this site?
     
  8. Alex

    Alex crf250l.org dude

    Messages:
    639
    I'd consider it, but it's not high on the priority list. Do they use Tapatalk or ForumRunner? Not a huge fan of the former (they run all content through their own servers overseas), and don't know much about the latter.
     
  9. captain canuck

    captain canuck Member

    Messages:
    65
    Hmmm not sure, I'll have to look into it over the weekend.