Welcome Guest!
In order to take advantage of all the great features that Waterloo Region Connected has to offer, including participating in the lively discussions below, you're going to have to register. The good news is that it'll take less than a minute and you can get started enjoying Waterloo Region's best online community right away.
or Create an Account




Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
SSL
#1
So Google Chrome keeps reminding me that WRC is not secure. 
For the security of you and your members have you considered installing an SSL certificate?
Reply


#2
We have. We're going through the logistics now actually
Reply
#3
(11-21-2018, 07:21 PM)Spokes Wrote: We have.  We're going through the logistics now actually

Cool, good to know. thanks Big Grin
Reply
#4
(11-21-2018, 07:21 PM)Spokes Wrote: We have.  We're going through the logistics now actually

Let’s Encrypt, or something more complicated? Big Grin
Reply
#5
That was one option we were looking at, but Taylortbb has been offering some really good suggestions of some paid alternatives that are still very reasonably priced
Reply
#6
sooo... curious, any update on this? Been a while Tongue
Reply
#7
No. Unfortunately not. It's on my list but sadly it's a long list and it's been a busy few months.

It's going to happen
Reply


#8
Just wondering, what would this do for the forum? It's a public forum and everything we post is available to anyone in a browser.
Reply
#9
There are a few members who could explain it way way way better than I, so I think I'll defer to them.
Reply
#10
Not really about publicly available information on the forum, more about the data that's being transmitted -

https://blog.mozilla.org/security/2017/0...cure-http/

Quote:HTTPS helps keep you safe from eavesdropping and tampering when doing everything from online banking to communicating with your friends. This is important because over a regular HTTP connection, someone else on the network can read or modify the website before you see it, putting you at risk.
Reply
#11
(02-19-2019, 07:09 PM)Canard Wrote: Just wondering, what would this do for the forum?  It's a public forum and everything we post is available to anyone in a browser.

First off, it would be nice if my login password is not transmitted in plain text. If my computer was connected to the same network as you when you logged in, I could find out what the password you used for the site is when you hit login within two seconds with the appropriate software loaded on my laptop. This is a bad thing if you use the same password on other sites, such as your banking or email account. (Which a lot of people tend to do).

Secondly, HTTP at this point should be considered "legacy" technology. Back in the infancy of the world wide web, I understand why no one outside of banks used it, due to the increased overhead of encrypting data, as processors of that era was not that fast (The first time I accessed a WWW page was on a computer with a 33 Megahertz processor and 4 megabytes of RAM). Nowadays that's a non-issue with the speeds of modern computers.

And thirdly, with programs like Let's Encrypt out there, there is no real reason not to as you can get a basic SSL certificate for free as long as you have a supported web provider or are renting a Linux or Windows VPS to host the page. (However it looks like GoDaddy is hosting this site based on the IP though, and they won't support Let's Encrypt as it competes with their own SSL Cert business)
Reply
#12
(02-19-2019, 08:39 PM)bgb_ca Wrote: And thirdly, with programs like Let's Encrypt out there, there is no real reason not to as you can get a basic SSL certificate for free as long as you have a supported web provider or are renting a Linux or Windows VPS to host the page. (However it looks like GoDaddy is hosting this site based on the IP though, and they won't support Let's Encrypt as it competes with their own SSL Cert business)

GoDaddy SSL certificates are only C$12 for the first year, and C$100 thereafter, so not expensive there, either. Comodo InstantSSL is only $21/year from namecheap.com.
Reply
#13
(02-19-2019, 09:00 PM)tomh009 Wrote:
(02-19-2019, 08:39 PM)bgb_ca Wrote: And thirdly, with programs like Let's Encrypt out there, there is no real reason not to as you can get a basic SSL certificate for free as long as you have a supported web provider or are renting a Linux or Windows VPS to host the page. (However it looks like GoDaddy is hosting this site based on the IP though, and they won't support Let's Encrypt as it competes with their own SSL Cert business)

GoDaddy SSL certificates are only C$12 for the first year, and C$100 thereafter, so not expensive there, either. Comodo InstantSSL is only $21/year from namecheap.com.

Not super expensive but a lot more than $0 for the same service...
Reply


#14
(02-20-2019, 01:18 AM)plam Wrote:
(02-19-2019, 09:00 PM)tomh009 Wrote: GoDaddy SSL certificates are only C$12 for the first year, and C$100 thereafter, so not expensive there, either. Comodo InstantSSL is only $21/year from namecheap.com.

Not super expensive but a lot more than $0 for the same service...

They do cost an infinite percentage more. But if they are not supported, Let's Encrypt certificates are not really relevant.
Reply
#15
(02-20-2019, 02:47 PM)tomh009 Wrote:
(02-20-2019, 01:18 AM)plam Wrote: Not super expensive but a lot more than $0 for the same service...

They do cost an infinite percentage more. But if they are not supported, Let's Encrypt certificates are not really relevant.

I'd be happy to help migrate the site away from GoDaddy.
Reply
« Next Oldest | Next Newest »



Forum Jump:


Users browsing this thread: 1 Guest(s)

About Waterloo Region Connected

Launched in August 2014, Waterloo Region Connected is an online community that brings together all the things that make Waterloo Region great. Waterloo Region Connected provides user-driven content fueled by a lively discussion forum covering topics like urban development, transportation projects, heritage issues, businesses and other issues of interest to those in Kitchener, Waterloo, Cambridge and the four Townships - North Dumfries, Wellesley, Wilmot, and Woolwich.

              User Links