=VG= Solar Posted October 27, 2019 at 12:00 PM Report Share Posted October 27, 2019 at 12:00 PM I'll keep it short and sweet. We now (finally) have SSL (TLS) on the website. Your usernames and passwords are secure in transit! We've also made it so general browsing on the site is all done through TLS. That being said, please be careful about what images you link to the site. If it does not have HTTPS it will cause web browsers to report the site as not fully secure as some content is provided via HTTP. If it continues to happen I'll probably have to stop 3rd party linked images being displayed on the site. We've also gone IPv6! C:\Users\mark>nslookup veterans-gaming.com Server: dns.google Address: 8.8.8.8 Non-authoritative answer: Name: veterans-gaming.com Addresses: 2604:a880:400:d0::13dc:2001 138.197.225.129 C:\Users\mark>nslookup www.veterans-gaming.com Server: dns.google Address: 8.8.8.8 Non-authoritative answer: Name: veterans-gaming.com Addresses: 2604:a880:400:d0::13dc:2001 138.197.225.129 Aliases: www.veterans-gaming.com Pinging veterans-gaming.com [2604:a880:400:d0::13dc:2001] with 32 bytes of data: Reply from 2604:a880:400:d0::13dc:2001: time=109ms Reply from 2604:a880:400:d0::13dc:2001: time=83ms I've got some other bits and bobs I need to do in the background, but thats it for now! Report any issues you may find to myself or Semler. I'll assume no news is good news! 3 3 Quote Link to comment Share on other sites More sharing options...
Xenalite Posted October 27, 2019 at 12:21 PM Report Share Posted October 27, 2019 at 12:21 PM +1 for Let's Encrypt 1 Quote Link to comment Share on other sites More sharing options...
=VG= Solar Posted October 27, 2019 at 12:25 PM Author Report Share Posted October 27, 2019 at 12:25 PM 3 minutes ago, Xenalite said: +1 for Let's Encrypt Ha - you got me. How could you tell? The expiry date on the cert? Quote Link to comment Share on other sites More sharing options...
Xenalite Posted October 27, 2019 at 12:30 PM Report Share Posted October 27, 2019 at 12:30 PM Certificate issuer field. I'm trying to persuade my company to use Let's Encrypt for Kubernetes certificates, but they are resistant... they want OV certificates because it looks more "professional". Quote Link to comment Share on other sites More sharing options...
=VG= Solar Posted October 27, 2019 at 12:40 PM Author Report Share Posted October 27, 2019 at 12:40 PM Ah I see. Silly me - I have AV SSL inspection turned on, so it looks like it was issued by my AV software rather than the real issuer. Quote Link to comment Share on other sites More sharing options...
=VG= SemlerPDX Posted October 27, 2019 at 05:32 PM Report Share Posted October 27, 2019 at 05:32 PM Thank you very much @=VG= SolarFlame1! Regarding the 3rd party image links, if we could just tweak the system to disallow anything but an https: link or change http: into https:, that would be an elegant way of handling it. Pardon me for suggesting something without knowing the first thing about it's feasibility, but it came to mind and I had to get it out before it started to stink. On that note, when we swept for those http: images, they were all before the big EU privacy change. These days, it is VERY hard to find an http: only site, so these days, any links from Imgur, etc. all start with https: Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.