02-21-2019, 09:27 AM
If changing hosts I'll definitely need some help
SSL
|
02-21-2019, 09:27 AM
If changing hosts I'll definitely need some help
02-21-2019, 06:19 PM
What's wrong with GoDaddy?
(What a hilarious name, lol)
02-21-2019, 07:21 PM
02-21-2019, 07:23 PM
02-21-2019, 08:00 PM
Thank you!
I've learned so much in the 4 years since creating WRC, but this is definitely not my area of strength. So many of you have helped and offered to help. Truly speaks to the greatness of this community.
02-21-2019, 11:53 PM
But if it's just for the free SSL certificate, it might make more sense to pay the $12/year for now (for a non-free one), there is non-trivial work involved in switching hosting. Of course, if there are other compelling reasons to switch ...
02-22-2019, 01:52 AM
(02-21-2019, 11:53 PM)tomh009 Wrote: But if it's just for the free SSL certificate, it might make more sense to pay the $12/year for now (for a non-free one), there is non-trivial work involved in switching hosting. Of course, if there are other compelling reasons to switch ... I thought you had mentioned that it was $12/year for the first year and then escalated to $100... I did have the impression that GoDaddy is sort of evil (and one can search the Internet for details) although it doesn't seem to be in the news that much these days. Escalating does count as minorly evil to me.
02-22-2019, 08:59 AM
That's a major jump. I'll definitely take care of it. I've been in discussion with a member about some options, I just need to get on it.
02-22-2019, 10:42 AM
$100 per year is a relatively small amount of money compared to the time and effort of managing one's own server though, especially for folks who are not familiar with it. Spokes you're entirely capable of learning, and like the others I'd be happy to help with migration, administration, etc but you should also consider the value of your time when making the budget decisions.
02-22-2019, 11:38 AM
It's crazy how much I feel like I've learned compared to where I started.
You all need to be careful. I'm keeping track of who's offering help
08-13-2019, 01:46 PM
So I've (finally) gotten started on the security for the site and gotten an SSL certificate. The host says it's active, but Chrome is still saying it's not secure. Anyone notice a change? Any advice?
As a side note, thanks to everyone who's purchased a Premium Membership this year. It's a little different than the donations of the past, but the same goal. Your support for WRC has been so positive and reminds me how great of a community we have here.
08-13-2019, 02:01 PM
(08-13-2019, 01:46 PM)Spokes Wrote: So I've (finally) gotten started on the security for the site and gotten an SSL certificate. The host says it's active, but Chrome is still saying it's not secure. Anyone notice a change? Any advice?Just tried the site with https:// its partially there. Style sheets etc seem broken. Fix would be to change to make it agnostic to the protocol... BEFORE <link type="text/css" rel="stylesheet" href="http://www.waterlooregionconnected.com/cache/themes/theme1/star_ratings.css" /> AFTER <link type="text/css" rel="stylesheet" href="//www.waterlooregionconnected.com/cache/themes/theme1/star_ratings.css" />
08-13-2019, 02:02 PM
Have a look at https://www.godaddy.com/community/SSL-An...td-p/50372
I think there should be a setting somewhere in your forum admin settings for web site URL, I’d start with that and change the http to https in it. You may also need to add to a .htaccess file to force HTTPS https://htaccessbook.com/htaccess-redirect-https-www/ Also check any custom code you may have on your pages that may still be trying to access something on “http://waterlooregionconnected.com/stuff” and change that to https also (08-13-2019, 01:46 PM)Spokes Wrote: So I've (finally) gotten started on the security for the site and gotten an SSL certificate. The host says it's active, but Chrome is still saying it's not secure. Anyone notice a change? Any advice? HTTPS by default runs in parallel with HTTP. So you can go to http://waterlooregionconnected.com to access over HTTP, or https://waterlooregionconnected.com to access over HTTPS. Unless one manually types HTTPS the default is HTTP. Most sites setup a redirect on the HTTP site. So if you go to http://example.com you get immediately redirected to https://example.com. You'll need to setup that redirect, as jason897 explained, to get the proper experience. Before doing so however, you need to fix the HTTPS site. Once you load a page over HTTPS, all the JavaScript, CSS, etc must also come over HTTPS. Otherwise the security is totally invalidated, as someone could inject malicious JavaScript via the unencrypted HTTP and take over a HTTPS page. Therefore modern browsers will simply ignore any references to JS, CSS, images, etc that are HTTP on a HTTPS site. You'll need to update the references (as neonjoe explained), probably via a setting in the admin panel, to use HTTPS URLs for all the JS/CSS/images/etc. It's okay if a HTTP site includes HTTPS assets, so don't worry about making HTTPS the default.
08-13-2019, 05:48 PM
(08-13-2019, 02:01 PM)neonjoe Wrote:(08-13-2019, 01:46 PM)Spokes Wrote: So I've (finally) gotten started on the security for the site and gotten an SSL certificate. The host says it's active, but Chrome is still saying it's not secure. Anyone notice a change? Any advice?Just tried the site with https:// its partially there. Style sheets etc seem broken. Better yet: <link type="text/css" rel="stylesheet" href="/cache/themes/theme1/star_ratings.css" /> It's unusual for a site’s links to itself to need to mention either the protocol or the site name — root-relative or in some cases even relative links are fine. |
« Next Oldest | Next Newest »
|