Announcement

Collapse
No announcement yet.

Proceed with Caution - SSL Requirements for 2017?

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Proceed with Caution - SSL Requirements for 2017?

    Hello Admin,

    Not trying no to to be alarmist here but what plans are there to secure a new SSL cert and adopting new htpps framework?

    This site is getting flagged by chrome, and whilst the meaning of having a SSL certificate remains unchanged, psychologically, it makes a difference to users.

    Dealt with this on a few levels since its inception but essentially previously hosted security certificates will be emphasised by Google as a dangerous, un-encrypted website.

    The analytical ramifications remain relatively unknown, however given Google treats this a forum with a password request the site is being lumped in with all sorts of tech nasties.

    As it does not have a valid SSL certificate there is plenty online about this, including effects on SEO and consumer confidence.

    Anyone else finding similar issues using Firefox or Edge?
    Last edited by Deeds; 26-06-2017, 09:02 PM.
    Kind Regards,

    Deeds - https://citygonebad.com/

    'Big Blue Bruise', 2016 Nebula Blue GX - https://www.fortunerforum.com.au/member/668-deeds
    City Gone Bad, You Tube Channel - https://www.youtube.com/channel/UCf6...BEp6X_07nHMzvA
    City Gone Bad, Instagram Account - https://www.instagram.com/citygonebad/

    Please subscribe to our channels - Like | Share | Leave a comment:

  • #2
    Firefox flags a warning, indicating that parts of the site are not secure, such as images. The certificate itself is valid until 24th July 2017. I think it's the motoquipe ad that is causing it. It is served to the page from a non-secure link.
    Last edited by tekka maki; 26-06-2017, 09:39 PM.

    Comment


    • #3
      It is indeed only the ads that are the "passive mixed content". The forum itself, including login and user data is protected by a valid SSL certificate from letsencrypt.
      Mixed content is not idea, and the browsers (e.g. chrome) are pushing "SSL-everywhere" pretty aggressively (which is good). The ad hosting sites will be forced into complying or else miss out on revenue. This will happen naturally in time. Not too much to worry about IMO. But if Shaun is reading this I suppose he could hassle the ad providers to get a move on! There is no excuse not to have SSL these days, certificates (from letsencrypt) are free as long as you can prove ownership of the domain.

      Dave

      Comment


      • #4
        Actually, it looks like it should already be possible!

        If you look at the insecure content (e.g. the sparesbox and motoquipe banners), and copy the image URL into a new tab, replace the http link with a https one, the URL still works and is served with a valid SSL certificate (from digicert).

        So it is probably a simple change for Shaun or his hosting provider to change the magic javascript that loads the ads to use the https versions.

        Dave

        Comment


        • #5
          Good to hear you are all over it, understand threat is minimal but more something to solve than deliberate risk mitigation.

          The effect on SEO and the way crawls are indexed will potentially have the greatest impact (in the long run).

          Like most cases in 2017, it's simply a game of catch up
          Kind Regards,

          Deeds - https://citygonebad.com/

          'Big Blue Bruise', 2016 Nebula Blue GX - https://www.fortunerforum.com.au/member/668-deeds
          City Gone Bad, You Tube Channel - https://www.youtube.com/channel/UCf6...BEp6X_07nHMzvA
          City Gone Bad, Instagram Account - https://www.instagram.com/citygonebad/

          Please subscribe to our channels - Like | Share | Leave a comment:

          Comment


          • #6
            I will sort it out!
            Fortuner Forum Default Signature!

            Comment


            • #7
              Shaun, how did you get on with this?
              Kind Regards,

              Deeds - https://citygonebad.com/

              'Big Blue Bruise', 2016 Nebula Blue GX - https://www.fortunerforum.com.au/member/668-deeds
              City Gone Bad, You Tube Channel - https://www.youtube.com/channel/UCf6...BEp6X_07nHMzvA
              City Gone Bad, Instagram Account - https://www.instagram.com/citygonebad/

              Please subscribe to our channels - Like | Share | Leave a comment:

              Comment

              Working...
              X