HTTPS/SSL for zenhax.com (and aluigi.altervista.org)

[aluigi]

If you are logging in the forum from an untrusted connection (free wifi, or a wifi not owned/controlled by you) then you may prefer to use the secure connection to the forum:
https://zenhax.com

Both HTTP and HTTPS remain available:

• If you are at your home: use HTTP (maybe faster) or HTTPS
• If HTTPS gives you problems: use HTTP
• If HTTPS doesn't work in a certain moment: temporary try HTTP
• If you are in an Internet Cafe or other public places: use HTTPS

[aluigi]

I would like your opinion about:

• leaving everything as is now, so it's up to the user to use the http or https website
• forcing the https website

What you would prefer and suggest?

Nowadays it's common practice to force https if available making impossible for an user to use the "old" unencrypted connection, but personally I think that leaving both would be better so the forum will be ever accessible in case of problems (old web browser or port 443 unreachable or problems on the https service).

[atom0s]

Leaving both should be fine, let the user choose what they want to use. Perhaps make mention somewhere easily seen that the site offers https as well in case people miss it or don't see these update threads.

[aluigi]

Added a note in the "Site description" and set this topic as "Global"

[lorak]

I agree, keep both options.

[coredevel]

If SSL certificate expires, Firefox browser won't let you visit the website. I can't even visit that other site, xentax, right now, because they are too lazy to renew their SSL certificate. So, significant loss of web traffic if SSL certificate goes *poof*.

[aluigi]

That should not happen here on zenhax because certificates are automatically renewed.

[aluigi]

Now HTTPS is available on my website too: https://aluigi.altervista.org

HTTPS is useful only if you are going to download quickbms or other tools from untrusted connections (public wifi) and, exactly like on zenhax, both http and https are and will remain active without any "forced" https.

The only downside of enabling https is that it required to use cloudflare and consequently some parts of the website may not be 100% original, just small things like for example my email address on top of the page that is no longer visible without javascript ([email protected]).
Or maybe some files that are magically no longer available even if they are phisically on the server like http://aluigi.altervista.org/poc/chromerda.zip (mah?)

Anyway who cares, now https is there so you can use it if you need it.

https is available also on the https://aluigi.zenhax.com mirror but the certificate is the same of zenhax.com and the browser may annoy you.

[atom0s]

Your file link for https://aluigi.altervista.org/poc/chromerda.zip returns a 403 (forbidden) code, so it looks to be a configuration issue on your server causing it to fail.

[aluigi]

I removed and reuploaded the file and now it works correctly.
It was a mistery issue randomly found by mistake, it's perfectly possible that it gave the same error even before
Apparently cloudflare "hijacks" (in a non-negative sense) the html pages only.

[mcpherson]

I would like your opinion about:

• leaving everything as is now, so it's up to the user to use the http or https website
• forcing the https website

What you would prefer and suggest?

Nowadays it's common practice to force https if available making impossible for an user to use the "old" unencrypted connection, but personally I think that leaving both would be better so the forum will be ever accessible in case of problems (old web browser or port 443 unreachable or problems on the https service).

i agreed with both of you thanks....

[aluigi]

Stupid Cloudflare.
Yeah if you see a "Warning: Suspected Phishing Site Ahead!" on my website, it's just that stupid Cloudflare that I was forced to enable for HTTPS.

Trying to find a solution now...

[aluigi]

Now everything is working.
Not sure if HTTPS will continue to work, currently it works if it will stop I will try other settings.

[aluigi]

I made a small restyling of my website for making it more mobile friendly and hopefully more readable too by switching from "table" (yes we are in the 90's!) to "div".

Don't be scared when you see it, it's a little change that was necessary after over 15 years

[atom0s]

Looks like the SSL cert. expired again.

[aluigi]

Yeah again.
I don't know why sometimes it gives this problem, the renewal it's all up to the host provider.
Luckily I noticed it just today while checking the feeds and they quickly fixed it.
It will happen again... that's sure.

[atom0s]

It will happen again... that's sure.

Haha, it happens, no worries.

[atom0s]

It will happen again... that's sure.

Happening again now hehe.

[atom0s]

Looks like it just expired again.

[LolHacksRule]

Dang expired yet again.