crrodriguez Posted June 30, 2011 Report Share Posted June 30, 2011 Hi: Sysadmin here We have enabled SSL in the website, and it is mandatory for the forum but optional in the main site. This is intented to make the experience more secure, specially for forum user's passwords. Use this post to report any problem you have with SSL access. Cheers Link to comment Share on other sites More sharing options...
Tomorrow Posted July 1, 2011 Report Share Posted July 1, 2011 Looking good.No problems here with SSL access.In fact had you not mentioned it i would have not noticed Link to comment Share on other sites More sharing options...
crrodriguez Posted July 1, 2011 Author Report Share Posted July 1, 2011 Note that if you click "main site" in the forum menu, you will get front website over SSL, This is expected but not really intented, as a side effect of the rolling of http://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security ;-) The trick is done by your browser, once you enter the forum, a header is set telling you client "use ssl only for this domain", shouldnt harm, so I 'll leave it as is. :-D Link to comment Share on other sites More sharing options...
Tomorrow Posted July 1, 2011 Report Share Posted July 1, 2011 (edited) I fixed my bookmark for the forum too.Now it correctly links to this forum.Before it had the cannaverbe in the domain name.Now it's just https://ketarin.org/forum/ Main site appears over SSL for me too at any time no matter if i open it directly or trough the forum. Only the Wiki is not in SSL yet: http://wiki.ketarin.org/index.php/Ketarin_Wiki Edited July 1, 2011 by Tomorrow Link to comment Share on other sites More sharing options...
crrodriguez Posted July 1, 2011 Author Report Share Posted July 1, 2011 Main site appears over SSL for me too at any time no matter if i open it directly or trough the forum. That is expected, proper browsers "remember" that the domain "ketarin.org" (not subdomains) is to be accessed over SSL,but only if you have visited a part of the site that demands SSL (like the forum) currently for 6 months (unless you delete your browser cache) This is because your browser may send cookies over plain HTTP and break all application-side safe-guards.. :-) however cookies of this forum are currently being marked as "secure" hence no well behaving browser will send them in a plain text connection. Only the Wiki is not in SSL yet: http://wiki.ketarin.org/index.php/Ketarin_Wiki Only the main domain is available over SSL for now, the wiki is not, but may be in the future. Link to comment Share on other sites More sharing options...
Tomorrow Posted July 1, 2011 Report Share Posted July 1, 2011 Ok.Thank you for explaining Link to comment Share on other sites More sharing options...
crrodriguez Posted July 1, 2011 Author Report Share Posted July 1, 2011 Finally No Internet Explorer version supports HTTP Strict Transport Security, only Chrome and Firefox, so IE users wont benefit from it, the relevant HTTP header is ignored and does nothing :-( I hope someday MS fixes their stuff to behave sanely, experience tells me it is not going to happend :-P Link to comment Share on other sites More sharing options...
shawn Posted July 3, 2011 Report Share Posted July 3, 2011 HSTS is still a draft. Not that it's not an important step forward, it's just not a standard. All the same, you can force SSL with any client using: RewriteCond %{HTTPS} off RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} Link to comment Share on other sites More sharing options...
crrodriguez Posted July 3, 2011 Author Report Share Posted July 3, 2011 HSTS is still a draft. Not that it's not an important step forward, it's just not a standard. All the same, you can force SSL with any client using: RewriteCond %{HTTPS} off RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} That's exactly the way it is implemented already Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now