Enabling HTTPS?

User avatar
Muirium
µ

20 Jan 2016, 21:34

Glad to see we still work on Lynx!

Now all I can think of still to test is my G4 on Tiger. Once I'm home…

User avatar
scottc

20 Jan 2016, 21:50

If TenFourFox no longer works, at least you know you can use Lynx now!..

User avatar
SL89

20 Jan 2016, 22:11

Image

User avatar
seebart
Offtopicthority Instigator

20 Jan 2016, 22:19

Unbenannt.JPG
Unbenannt.JPG (40.41 KiB) Viewed 1884 times

User avatar
webwit
Wild Duck

20 Jan 2016, 22:58

Image

User avatar
rindorbrot

20 Jan 2016, 23:08

yay, https!

User avatar
elecplus

21 Jan 2016, 07:24

The connection of this website has been verified. No Certificate Transparency information was supplied by the server.

Your connection to deskthority.net is encrypted using a modern cipher suite. Further this page includes other resources which are not secure. These resources can be viewed by others while in transit, and can be modified by an attacker to change the look of the page.

I have the https:// at the beginning of the URL, but no green lock appears. It just looks like a piece of paper. I am using Chrome.

Google has this to offer on the subject: Your connection to the site is encrypted, but Google Chrome has found something on the page that could be unwanted images or ads. We suggest you don't enter private or personal information on this page.

So any page with images (which is most of them) is not to appear secure to Chrome?

Edit: I DO get the green lock on the spy.php page, but almost all other pages do not have it.

User avatar
matt3o
-[°_°]-

21 Jan 2016, 08:32

I knew this would happen :)

@elecplus this is normal on a forum where some sources could come from external (not encrypted) locations (eg: images). The bottom line is that THIS site is encrypted and all crucial data is secure.

andrewjoy

21 Jan 2016, 10:35

And this is exactly why the WHOLE internet should switch to HTTPS

User avatar
7bit

22 Jan 2016, 10:05

Google wrote:We suggest you don't enter private or personal information on this page.
Google does not want people use the bot.
:o

Instead, people should use their Google Docs.
:evilgeek:

User avatar
webwit
Wild Duck

22 Jan 2016, 10:12

Webwit suggests you don't enter private or personal information on google or other ad networks. :twisted:

User avatar
Ray

22 Jan 2016, 14:17

well done, thanks!

User avatar
ramnes
ПБТ НАВСЕГДА

22 Jan 2016, 14:38

Yayyyyyyy!

User avatar
Muirium
µ

22 Jan 2016, 18:32

webwit wrote: Webwit suggests you don't enter private or personal information on google or other ad networks. :twisted:
Do you endorse DuckDuckGo? I've been using that for longer than I realized ducks were a thing on the Internet.

User avatar
webwit
Wild Duck

22 Jan 2016, 18:34

I'd like to use it more, but it rather sucks compared to google. :(

User avatar
Muirium
µ

22 Jan 2016, 18:40

The key is to use it by default. And when you don't get what you want, add !g to your search term to run a secured session with Google. Or !gi for Google Images specifically. I find it easier to use than Google itself, let alone the tinfoily sense of anonymised goodness!

User avatar
webwit
Wild Duck

22 Jan 2016, 18:45

It's not that, it's google options such as only show results from last year/month/week/day which I use frequently to filter out old crap.

User avatar
Muirium
µ

22 Jan 2016, 18:46

They've got you by the balls then. Wherever exactly male ducks keep theirs…

User avatar
webwit
Wild Duck

15 Mar 2016, 23:57

I configured some more security according the latest best practices. Let me know if you run into any trouble.

Image

Elsewhere... :roll:
Spoiler:
Image

User avatar
seebart
Offtopicthority Instigator

16 Mar 2016, 00:00

Thanks for that, but GH have their color scheme as a security measure right? :lol:

User avatar
elecplus

16 Mar 2016, 01:59

Muirium wrote: They've got you by the balls then. Wherever exactly male ducks keep theirs…
Ducks are like chickens. Their balls are tucked up by their spine. Lookup how to make a capon, you will see what I mean :twisted:

User avatar
elecplus

16 Mar 2016, 02:00

Outstanding job, webwit! Really appreciate all your hard work.

User avatar
matt3o
-[°_°]-

16 Mar 2016, 11:32

wondering if using a 4096 dh key would bring the key exchange to 100. Haven't tried it yet.

User avatar
Halvar

16 Mar 2016, 12:32

We're state of the art! Thanks webwit.

User avatar
webwit
Wild Duck

16 Mar 2016, 13:07

Aah my fav Amiga demo :)

User avatar
Halvar

16 Mar 2016, 14:33

Mine too, still looking for a video that includes the unbelievable floppy sounds though...

User avatar
webwit
Wild Duck

17 Jan 2017, 21:44

We've switched to auto-renewing Let's Encrypt certificates for SSL.

User avatar
chuckdee

17 Jan 2017, 21:50

webwit wrote: We've switched to auto-renewing Let's Encrypt certificates for SSL.
How hard was that to get set up, if you don't mind me asking...

User avatar
Thumper
knock knock

17 Jan 2017, 21:51

webwit wrote: We've switched to auto-renewing Let's Encrypt certificates for SSL.
Nice! Do you plan on proxying images/external sources, so that all traffic is encrypted?

User avatar
scottc

17 Jan 2017, 21:52

chuckdee wrote:
webwit wrote: We've switched to auto-renewing Let's Encrypt certificates for SSL.
How hard was that to get set up, if you don't mind me asking...
It's trivial, check out acme.sh: https://github.com/Neilpang/acme.sh

Post Reply

Return to “Deskthority talk”