Duke4.net Forums: Missing http -> https redirect - Duke4.net Forums

Jump to content

Hide message Show message
Welcome to the Duke4.net Forums!

Register an account now to get access to all board features. After you've registered and logged in, you'll be able to create topics, post replies, send and receive private messages, disable the viewing of ads and more!

Page 1 of 1
  • You cannot start a new topic
  • You cannot reply to this topic

Missing http -> https redirect  "https tls security"

User is offline   Zagro 

  • 12

#1

Hi, can you made the forum redirect http access to https?

Currently I can access http://forums.duke4.net/ and login with http. It is advisable that every page be redirect to https version by the web server.

This to improve security and avoid accesses (and especially users logins) with plain http. Also improve Google Ranking.

Thanks.
0

User is offline   TerminX 

  • el fundador
  • 5,595

  #2

Once you visit the site over HTTPS your browser will automatically redirect you to that version instead of the HTTP version via HSTS. We have no intention of turning off HTTP access to the forum.

EDuke32 wiki svn builds bugs
Join us in #eduke32 on irc.freenode.net!
0

User is offline   Zagro 

  • 12

#3

Thanks for the reply! HSTS is a very welcome addition indeed! But actually no need to turn off http, but, as I said, just add a http -> https redirect on the web server so that even the first access uses https. Here is how to do it on your web server (apache): https://wiki.apache....tpd/RedirectSSL

This post has been edited by Zagro: 13 March 2019 - 10:06 AM

0

User is offline   TerminX 

  • el fundador
  • 5,595

  #4

You're missing the point that we want the forum to be accessible over HTTP, for users who cannot browse over HTTPS for some reason or another.

EDuke32 wiki svn builds bugs
Join us in #eduke32 on irc.freenode.net!
0

User is offline   Zagro 

  • 12

#5

Not sure which usercase is requiring http and not https, the Internet is moving to https and some features are disabled on http at every new browser release. But my point was also related to saving password in the browser, I didn't access the forum since awhile, and then noticed my password was not remembered. This is because I accessed in the past with a different protocol. This may also confuse some other users.
Thanks
0

Share this topic:


Page 1 of 1
  • You cannot start a new topic
  • You cannot reply to this topic


All copyrights and trademarks are property of their respective owners. Instead of reading this text, you could be playing Ion Maiden! ;) © 2018 Voidpoint, LLC

Enter your sign in name and password


Sign in options