Netrunner Logo
Board Index divider Search Member List Help
Hello There, Guest! Login Register
Login
Username:
Password: Lost Password?
 
Index › Community › Website and Forums › [solved] https for forum and homepage

[solved] https for forum and homepage
Moderator

Joined: Jul 2013
Posts: 2,717
leszek Offline
#1
15th August 2015, 12:53 Edited(This post was last modified: 12th March 2018, 17:53 by starbuck.)
I got a few requests (by encrypted mails Tongue) to offer https for the homepage and forum. 
I have to agree nowadays we need at least https support. 
Find
Reply
Jack-of-all-Trades
*

Joined: Aug 2015
Posts: 10
abcde Offline
#2
15th August 2015, 15:02
Yes, this is critical. You know that when you use on this or any other non https-forum a password you use for secure things, this password is been transfered fully clear trough the internet.

This means that you tell your ISP your password. You tell everyone on a public wifi like on starbucks-coffee your password. And so on.

The best solution is to upgrade your webserver to HTTP/2 and to use the free certificates from https://letsencrypt.org/ when they start their service in few days.
Find
Reply
Jack-of-all-Trades
*

Joined: Mar 2016
Posts: 8
foeax Offline
#3
8th March 2016, 19:32 Edited(This post was last modified: 8th March 2016, 19:32 by foeax.)
About half a year later and NOTHING happened? Whats going on here?! It seems i am not the only one who see this critical security issues noone care about!


By the way:
I have been forced to register without any encryption to this forum and had to send in cleartext the password.
So because i was forced to make it public here it is: "insecurehttp" (without the quotes)
Find
Reply
Databroker
***

Joined: Apr 2015
Posts: 71
dbyentzen Offline
#4
10th March 2016, 17:33
I must agree here. The forum and website should be "HTTPS" in order to increased the security of users to this forum and people who download ISOs. I realize that HTTPS would not have prevented the unfortunate event with Linux Mint as the problem was most likely a WP plugin. However, with LetEncrypt, HTTPS is made relatively easy.
Also, while an md5sum is available for users I think the use of SHA256 and/or pgp would be better. I have no idea how much additional work doing these things would add as I believe this project is run by a relatively small group I do not wish to add burden.
I would like to express my appreciation for the absolutely wonderful and professional distro that Netrunner is so if there is any way I can contribute, I'd be happy to.
Find
Reply
Jack-of-all-Trades
*

Joined: Mar 2016
Posts: 8
foeax Offline
#5
11th March 2018, 21:39 Edited(This post was last modified: 11th March 2018, 21:43 by foeax.)
Dudes(the admins of this ipv4-only server with ip 46.137.88.2 ), whats wrong with you?!
2 years are gone. TWO YEARS! And NOTHING happened! Still completely insecure! Did you even care about security?

Here a backup of this crazy security ignorance saved for all time: https://web.archive.org/web/20180311194254/http://forums.netrunner.com/showthread.php?tid=18027
Find
Reply


  • View a Printable Version
  • Subscribe to this thread
Forum Jump:

  • Contact Us
  • Netrunner Forums
  • Return to Top
  • Lite (Archive) Mode
  • RSS Syndication
Current time: 16th August 2018, 4:52 Powered By MyBB, © 2002-2018 MyBB Group.
Linear Mode
Threaded Mode