Jump to content











Photo
- - - - -

Can we get SSL on the forum?


  • Please log in to reply
28 replies to this topic

#1 sebus

sebus

    Frequent Member

  • Advanced user
  • 363 posts

Posted 03 February 2019 - 08:42 PM

Surely not too much to ask to have the server running with SSL

 

Let's Encrypt

#2 Wonko the Sane

Wonko the Sane

    The Finder

  • Advanced user
  • 16066 posts
  • Location:The Outside of the Asylum (gate is closed)
  •  
    Italy

Posted 04 February 2019 - 08:36 AM

 

Surely not too much to ask to have the server running with SSL

 

Let's Encrypt

 

Sure, we exchange lots of sensitive information, I wonder why exactly noone thought of this basic protection.

 

:duff:

Wonko



#3 Blackcrack

Blackcrack

    Frequent Member

  • Advanced user
  • 458 posts
  •  
    Germany

Posted 04 February 2019 - 08:54 AM

clear, there is coming a more impressive Standard as only ssl...
why not use the coming Standard, if we are already thinking about...
then let'z make it right !

Buy a Computer parts with hard and real Money, build it up, buy a Safe,
put it in, drill 3 hole's, stream, Monitor and Network.. and close the Safe ..

and don't let a NSA-Employee in the Room !

(who see the fail ?! )

best regards
Blacky

#4 Wonko the Sane

Wonko the Sane

    The Finder

  • Advanced user
  • 16066 posts
  • Location:The Outside of the Asylum (gate is closed)
  •  
    Italy

Posted 04 February 2019 - 01:42 PM

buy a Save,

I tried shopping for one, but all they had were safes:wacko: 

https://passnownow.c...-save-and-safe/

http://pediaa.com/di...-safe-and-save/

 

:duff:

Wonko



#5 Blackcrack

Blackcrack

    Frequent Member

  • Advanced user
  • 458 posts
  •  
    Germany

Posted 04 February 2019 - 02:18 PM

---beeeeeep---  wrong, the Network Cable ..

 

(but you're right, Safe.. for put in and make it save..)



#6 sebus

sebus

    Frequent Member

  • Advanced user
  • 363 posts

Posted 06 February 2019 - 07:05 PM

Sorry guys, you lost me with all the metaphors...

 

Lets just get good old tested & working SSL certificate, how about that?



#7 Blackcrack

Blackcrack

    Frequent Member

  • Advanced user
  • 458 posts
  •  
    Germany

Posted 07 February 2019 - 03:54 AM

you be the once who want change that.. .. so.. in my opinion.. nope..

i work in security.. and with ssl can you do also many things..

it was okey in the last years..

and you have also not many posted, why this changing extra for you ?



#8 Guest_AnonVendetta_*

Guest_AnonVendetta_*
  • Guests

Posted 07 February 2019 - 09:40 PM

I'll 2nd this but.....I really dont think we need it. The most sensitive info we exchange with the server would be our passwords, not much else. I totally understand SSL being mandatory on say, a banking website, but here not so much. As for reboot.pro having a valid cert....doesn't it already have one?

 

I say, if the NSA wants our booting methods, let them have it.I see no harm in them using GRUB4DOS to power up their supercomputers.



#9 sebus

sebus

    Frequent Member

  • Advanced user
  • 363 posts

Posted 08 February 2019 - 07:46 AM

@Blackcrack,

 

Good luck to your security customers...

 

But I suppose there is really nothing here that is of interest, but to very few



#10 steve6375

steve6375

    Platinum Member

  • Developer
  • 7566 posts
  • Location:UK
  • Interests:computers, programming (masm,vb6,C,vbs), photography,TV,films
  •  
    United Kingdom

Posted 08 February 2019 - 09:36 AM

A couple of reasons I can think of...

 

1. Chrome now displays a 'not secure' flag on all http:// sites

2. Google ranks http sites lower than https in their search engine results

 

If it is easy to do, I would think it would be worth doing?


  • wimb likes this

#11 sebus

sebus

    Frequent Member

  • Advanced user
  • 363 posts

Posted 08 February 2019 - 12:17 PM

@steve6375

 

I think nobody cares here



#12 Wonko the Sane

Wonko the Sane

    The Finder

  • Advanced user
  • 16066 posts
  • Location:The Outside of the Asylum (gate is closed)
  •  
    Italy

Posted 08 February 2019 - 01:23 PM

I think nobody cares here


Well, most probably more people would care if the request was actually motivated, at least Steve6375 has given a couple (whether relevant or not being of course up to debate) possible reasons why :good: , you didn't yet.

Example:
Idea  :lightbulb: 
Why not encrypting all attachments with PGP and putting up a server for providing the keys to members only, after 2FA? :dubbio:



:duff:
Wonko


  • Blackcrack likes this

#13 sebus

sebus

    Frequent Member

  • Advanced user
  • 363 posts

Posted 08 February 2019 - 02:25 PM

I am not even getting into debate with Wonko, as I would never win, some people just know it all...



#14 Blackcrack

Blackcrack

    Frequent Member

  • Advanced user
  • 458 posts
  •  
    Germany

Posted 08 February 2019 - 03:09 PM

A couple of reasons I can think of...
 
1. Chrome now displays a 'not secure' flag on all http:// sites
2. Google ranks http sites lower than https in their search engine results
 
If it is easy to do, I would think it would be worth doing?

 
in this options do you have right !
easy coming in and tell "hey, why not ssl" without justifications ,
feels like a children ..  "mama, i want eat...waheeaaaa"
 

Idea :lightbulb:
Why not encrypting all attachments with PGP and putting up a server for providing the keys to members only, after 2FA? :dubbio:

:duff:
Wonko

thumps up *lol* :punk: :fine:

best :)
Blacky



#15 sebus

sebus

    Frequent Member

  • Advanced user
  • 363 posts

Posted 08 February 2019 - 03:17 PM

You obviously have experience of needing to justify each & every action.

But some actions do not need justification

 

It would be valid suggestion if asking to change the forum colour scheme, but NOT to use SSL in 2019



#16 erwan.l

erwan.l

    Platinum Member

  • Developer
  • 3041 posts
  • Location:Nantes - France
  •  
    France

Posted 08 February 2019 - 05:11 PM

Guys, I am more than happy to help here.

 

Nowadays, it is possible to get a secured while free cert.

It may also be that our hosting platform provides such a service (to be checked).

 

And, yes, I care :)

 

I'll have a word with Nuno and see if this is something to add on the migration to come.



#17 v77

v77

    Silver Member

  • Team Reboot
  • 602 posts
  •  
    France

Posted 10 February 2019 - 09:38 AM

I too think that SSL would be useful.
This forum is not for discussing cooking...


  • sebus likes this

#18 Wonko the Sane

Wonko the Sane

    The Finder

  • Advanced user
  • 16066 posts
  • Location:The Outside of the Asylum (gate is closed)
  •  
    Italy

Posted 10 February 2019 - 04:01 PM

This forum is not for discussing cooking...

 

(JFYI):

http://reboot.pro/to...zza-margherita/

 

:duff:

Wonko



#19 sebus

sebus

    Frequent Member

  • Advanced user
  • 363 posts

Posted 01 October 2021 - 09:46 AM

Can we now switch off access on port 80 then?



#20 Blackcrack

Blackcrack

    Frequent Member

  • Advanced user
  • 458 posts
  •  
    Germany

Posted 02 October 2021 - 05:15 AM

@ Wonko, miummy...  Let'z dance 4 the Magareta .. it's seems someone wana cut us from the Mothermilk ..

he just understands not, to be exist an owner of the Magareta, someone should check his ip..

huhh security... i must have scare .. huhh..

 

so, let say it in short.. sebus, if the forum for you to unsave, must you not use...

for starting a discussion of ssl is stupid at a forum of programmers..

and then to argue with certainty and fear is so a thing !
I have worked in Safety & Security with retraining and Certificates and was by self a Security Officer in Objects
and now retraining in IT-SE (System Electronik + Programming)... (in my age..)
What do you think, if the owner of the Forum want have TLS ,
if he hadn't already arranged it lengthways ?
 
maaan, common..
 
and now come you... "Mammi, Mammi i want have SSL"
in a forum full of programmers...  *a blow on the back of the head* (like navyCIS)
 
 
@erwan.l  could you please lock it ?
 

 


#21 erwan.l

erwan.l

    Platinum Member

  • Developer
  • 3041 posts
  • Location:Nantes - France
  •  
    France

Posted 02 October 2021 - 10:28 AM

Hi,
Discussion took place more than once and usually ended up bad (like this one)...

Still ssl had been enabled but i dont think it was really used : See latest thread here

Certificate expired in the meantime.

Regards,
Erwan

Edit : i have renewed the ssl certificate (certbot renew --pre-hook "service apache2 stop" --post-hook "service apache2 start")

Enjoy https://reboot.pro/

#22 Wonko the Sane

Wonko the Sane

    The Finder

  • Advanced user
  • 16066 posts
  • Location:The Outside of the Asylum (gate is closed)
  •  
    Italy

Posted 02 October 2021 - 11:51 AM

Naah, it's not really secure.

 

I mean, I can still access https://reboot.pro/ just fine with my Opera 12.15 (yes I know) on my XP SP2 (yes I know), whilst this OS/browser combo on most other "secure" sites fails with error 40[1].

 

As an example I just wanted to give 22 UK pounds (plus packaging and shipping) to these people (how can one live without a 4 litre sauna pine bucket[2]?):

https://www.xsvparsi...nd-p-134378.htm

but couldn't even access the page (d@mn error 40), surely, if I could, it would be much more secure.

 

:duff:

Wonko

 

[1] whenever something doesn't work, usually it is "secure", or "modern", or both

[2] complete with an inner plastic bucket, sometimes I wonder how humans survived with all the leaking buckets before plastic was invented  :dubbio:



#23 erwan.l

erwan.l

    Platinum Member

  • Developer
  • 3041 posts
  • Location:Nantes - France
  •  
    France

Posted 02 October 2021 - 12:10 PM

Naah, it's not really secure.

 

I mean, I can still access https://reboot.pro/ just fine with my Opera 12.15 (yes I know) on my XP SP2 (yes I know), whilst this OS/browser combo on most other "secure" sites fails with error 40[1].

 

As an example I just wanted to give 22 UK pounds (plus packaging and shipping) to these people (how can one live without a 4 litre sauna pine bucket[2]?):

https://www.xsvparsi...nd-p-134378.htm

but couldn't even access the page (d@mn error 40), surely, if I could, it would be much more secure.

 

:duff:

Wonko

 

[1] whenever something doesn't work, usually it is "secure", or "modern", or both

[2] complete with an inner plastic bucket, sometimes I wonder how humans survived with all the leaking buckets before plastic was invented  :dubbio:

 

Hey Wonko,

 

I'd say if your main problem is about getting error 40 when you are about to buy a "sauna bucket with inner plastic", there are worse situations ;)

And I am pretty sure humanity has been using buckets (or boats made of wood) thousands of years ago (and survived) without "inner plastic".

 

About security vs usability, it is always the same dilemna.

 

In your case, using some old browser / OS, your are definitely asking for troubles as many new security features wont be supported at your side.

But for sure I would never enable new security features that would lock you out as reboot.pro without Wonko would not be the same ! 

 

rExWc.jpg

 

Cheers,

Erwan



#24 Wonko the Sane

Wonko the Sane

    The Finder

  • Advanced user
  • 16066 posts
  • Location:The Outside of the Asylum (gate is closed)
  •  
    Italy

Posted 02 October 2021 - 03:16 PM

And I am pretty sure humanity has been using buckets (or boats made of wood) thousands of years ago (and survived) without "inner plastic".

... but how would they drink from them? :dubbio:

 

I mean before plastic straws were invented :unsure:, don't come to me saying :w00t: that they used actual straws made out of straw ;).

 

:duff:

Wonko



#25 sebus

sebus

    Frequent Member

  • Advanced user
  • 363 posts

Posted 02 October 2021 - 03:32 PM

So much pointless discussion about nothing. Just made forced redirection 80 --> 443

So forum is only accessible via SSL

 

And 1 year certificate costs £6 per year, would you want me to fund it? Be happy to do so!

 

And if somebody with XP cannot access it, let it be!






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users