*
Welcome, Guest. Please login or register.
July 10, 2020, 04:17:09 PM

Login with username, password and session length

Donate

We Appreciate Your Support

Recent

Author Topic: Is there a reason the forum does not use SSL?  (Read 355 times)

Offline Pascal

  • Assistant
  • Posts: 41
Is there a reason the forum does not use SSL?
« on: November 13, 2019, 05:09:26 PM »
Soon next year Google and I assume all other Chromium base browsers will block access to websites that are not using SSL.

https://serverguy.com/ssl/google-forcing-ssl-certificate-websites/

Is there a reason why SSL is not being used?

Offline Andrew_McGuire

  • Mad Scientist
  • Posts: 596
Re: Is there a reason the forum does not use SSL?
« Reply #1 on: November 13, 2019, 05:25:01 PM »
This probably doesn't answer your question, but for what it's worth, some of us have never heard of SSL, have no idea what it is or does, and probably don't want to. SSM might be a different matter.
« Last Edit: November 13, 2019, 07:43:09 PM by Andrew_McGuire »

Offline Shahbahraz

  • Mad Scientist
  • Posts: 864
    • A Lead Odyssey
Re: Is there a reason the forum does not use SSL?
« Reply #2 on: November 13, 2019, 06:27:06 PM »
Secure Sockets Layer provides browser security by encryption.

Most sites will use the SSL secure protocol identified by using the HTTPS prefix, rather than just HTTP.

And yes, not using HTTPS is going to be a problem from next year.
Wargaming since the dark ages...

---https://aleadodyssey.blogspot.com/---

Offline AndrewBeasley

  • Mastermind
  • Posts: 1014
Re: Is there a reason the forum does not use SSL?
« Reply #3 on: November 13, 2019, 09:18:01 PM »
The linked article does not state Google is forcing anyone and it’s not up to Google to do so.  It’s taken TWO YEARS to get the ‘Not Secure’ message up and running in most browsers.


They would like all sites to have SSL so that can claim they are delivering trusted sites only but as it is very easy to add a certificate to any site for free using services such as [size=78%]https://letsencrypt.org[/size] it will not take the fake sites long to add this to their own systems.


Given certificate revocation is a painful process to allow for appeals and errors, this is only temporary help.


To gain full ssl support, the site will need to be upgraded [/size][size=78%]https://wiki.simplemachines.org/smf/SMF2.1:Features[/size]


I’m happy to chip in a bit of PayPal to help but understand this is not a five minute fix...

Sic Parvis Magna <*>