Secured connection to forum.

[Moses]

Hi all,

today we made one more big step in forum security. At past 3 weeks I spend quite a lot of time to secure our server, to obtain and install security certificate, to upgrade forum software and to patch holes in security. The final step is to switch forum from unsecured web-protocol HTTP to secured HTTPS protocol.

What it means for you? From now nobody can steal your password via sniffing connection btw our server and your comp. We have the same level of security of connections as banks have.

sawssl.png

I still have to make some cleanup at forum (for some browsers and mobile phones), and then will start to secure our main site.

Similar Threads:

• pattaya internet connection
• 50 minutes connection in BKK airport, enough?
• internet connection

[Yraen]

Well done Moses. This is a huge step forward. It will help keeps the 'sticky-beaks' out of the blog.

[frequent]

Well done Moses. This is a huge step forward. It will help keeps the 'sticky-beaks' out of the blog.

It means nothing of the sort, assuming you think it means only logged-in users can read the general run of the mill nonsense that's posted here. All it means that no-one can steal your password and log in as you

[Yraen]

It means nothing of the sort, assuming you think it means only logged-in users can read the general run of the mill nonsense that's posted here. All it means that no-one can steal your password and log in as you

#3 @frequent
I did not mention whether the blog can be read; it is, and has been for a long time, completely open to be read, without login, by anyone interested.
But it will help to keep out the 'sticky beaks' who may be interested in collecting passwords and other personal details.

It really is like having a lock on one's front door - it will help keep people out of your house but it may not stop the determined and skilled burglar.

So, for the future, please just read what I have written without your interpretation of what you thought I meant.

[frequent]

So, for the future, please just read what I have written without your interpretation of what you thought I meant.

If you used commonly understood phrases in commonly understood ways there would be no need to make any assumptions. A "sticky beak" does not mean, except in your fevered imagination, someone who goes around stealing people's passwords as any Google search will show you

[cdnmatt]

Yeah, SSL is important, and even Google now ranks sites differently depending whether or not they blanket their site with SSL. It's extremely simplistic to activate though, and a simple free subscription to CloudFlare does the job these days. Before you had to screw around facing your certificates of incorporation over to Thwarte or Verisign in order to get granted a SSL certificate. Plus it'd cost around $250/year, include technical hassles, etc. Nowadays it's free, and takes 5 minutes to implement on any site out there.

But yes, SSL is important. Not so much for this site, as it's not like we're sharing confidential information here, but nonetheless, a good measure to take. Definitely can't hurt anything.

[Moses]

SGT doesn't use Cloudflare for SSL. Everything been secured directly on our server, including preparation, obtaining certificate, patching holes. That why it took 3 weeks in total.

But now we can proudly show A+ grade level of security

ssl1.png

[cdnmatt]

SGT doesn't use Cloudflare for SSL. Everything been secured directly on our server, including preparation, obtaining certificate, patching holes. That why it took 3 weeks in total.

Yeah, yeah, understood. I bet you're older than me, aren't you? You're older than 35, correct?

Not sure why you made it so difficult on yourself, but I definitely understand the process, and I've been through it before. In the current age though, there's absolutely no reason to make it that difficult on yourself. Cloudflare or your own signed SSL certificate, it's still the same encryption, and still supported by the same amount of browsers.

The only reason to get a SSL cert nowadays is if you're a reputable financial firm, or similar, and users need to verify that you are in fact the owner of the SSL cert.

But yeah, your site, so up to you. SSL is definitely a good move, as it will probably enhance your rankings in Google. A few years back Google came out and publicly stated they will favor sites that force connections to SSL in their rankings.



ssl1.png[/QUOTE]

[frequent]

I bet you're older than me, aren't you? You're older than 35, correct?

So an ageist as well as an arsehole. Just what the Board needs

[bkkguy]

Everything been secured directly on our server, including preparation, obtaining certificate, patching holes. That why it took 3 weeks in total.

not everything - you need perhaps to spend a few more days to find the remaining holes that are still allowing insecure mixed content on some forum pages losing you your beloved green lock on such pages

bkkguy