Soldato
OH NOES TEH PUBLIC INTRENETS FORUM ISNT SECURES!!1112
OH NOES TEH PUBLIC INTRENETS FORUM ISNT SECURES!!1112
OH NOES TEH PUBLIC INTRENETS FORUM ISNT SECURES!!1112
You can force HTTPS everywhere with an EFF plugin,
Actually no, you can't.
The plugin will connect to the HTTPS version of a site if available (it isn't for OcUK for example). It won't magically install HTTPS capability on sites that don't support it.
Yeah go back and read the entirety of what you just quoted.
It doesn't make a difference - your opening sentence is wrong, and not really useful here as OcUK doesn't have a HTTPS cert for the forums subdomain.
Vbulletin hashes the passwords when it transmits. But SSL would be much better. But it costs, unless you create a self signed cert. The problem with self signed certs is they throw up warnings. Most people see the warning and think "oh **** I'm not going that way".
Mozilla and the EFF (who gave us HTTPS everywhere) are also creating a free self signing certificate authority (so you don't have to pay the extortionate prices of certificate authorities, or end up with dodgy certs forced into your OS like Lenovo did) with let's encrypt.
https://letsencrypt.org/
RapidSSL charge 49USD for a basic SSL and Godaddy works out around £50 for one. So cost is not an excuse.
Moving to SSL would put some extra CPU load on the forum server(s) and the HTTPs handshakes means extra bandwidth use.
RapidSSL charge 49USD for a basic SSL and Godaddy works out around £50 for one. So cost is not an excuse.
Moving to SSL would put some extra CPU load on the forum server(s) and the HTTPs handshakes means extra bandwidth use.
I apologise for not correctly constructing my sentencing to meet your anally retentive needs. Continue to ignore the fact I stated in the post you chose to cherry pick "if it's available".
Its nothing to do with sentence structure! It was just wrong!
Saying a plugin gives you HTTPS everywhere is misleading and might lead people to an incorrect conclusion.
Depending on how the forums are hosted, a lot of modern firewalls do full SSL offload meaning there is no CPU load on the servers. Even if they don't, the CPU load is fairly insignificant. Bandwidth isn't an issue.
You regurgitated what I said and then bitched about how I said it.
Again. I apologise for not being anally retentive in my sentencing structure.
Oh for God sake man, you said something that was wrong. Pointing it out isn't anal retention! Give it up.