Canreef Aquatics Bulletin Board

Canreef Aquatics Bulletin Board (http://www.canreef.com/vbulletin/index.php)
-   Q&A (http://www.canreef.com/vbulletin/forumdisplay.php?f=19)
-   -   Enabling HTTPS ? (http://www.canreef.com/vbulletin/showthread.php?t=121904)

SoloSK71 01-01-2017 07:41 PM

Enabling HTTPS ?
 
Hi,

I was wondering if there was a schedule or plan to enable HTTPS for the board?

Charles

Myka 01-02-2017 02:22 AM

Forwarded to Titus, he may take awhile to answer. :)

SoloSK71 01-02-2017 02:24 AM

Thanks :)

One of my New Year's Resolutions is to be a little more tight on my electronic security, so I went through the various forums I post on asking to turn this feature on.

Charles

titus 01-02-2017 03:25 AM

Hello

Charles no because we don't do ecommerce here so there is no imminent need to have htttps. However yes there is a plan as a general upgrade but I can't specify a date.

Titus

Myka 01-02-2017 01:03 PM

Quote:

Originally Posted by SoloSK71 (Post 1005044)
Thanks :)

One of my New Year's Resolutions is to be a little more tight on my electronic security, so I went through the various forums I post on asking to turn this feature on.

Charles

Hi Charles,

None of the forums I frequent use https. All of the online vendors I frequent use https. I didn't think there was any need for https unless you were entering payment information. Could you explain more?

SoloSK71 01-02-2017 05:18 PM

Taken from a presentation at the Chrome Developers Summit 2016 by Kayce Basques.

Quote:

HTTPS helps prevent intruders from tampering with the communications between your websites and your users’ browsers. Intruders include intentionally malicious attackers, and legitimate but intrusive companies, such as ISPs or hotels that inject ads into pages.

Intruders exploit unprotected communications to trick your users into giving up sensitive information or installing malware, or to insert their own advertisements into your resources. For example, some third parties inject advertisements into websites that potentially break user experiences and create security vulnerabilities.

Intruders exploit every unprotected resource that travels between your websites and your users. Images, cookies, scripts, HTML … they’re all exploitable. Intrusions can occur at any point in the network, including a user’s machine, a Wi-Fi hotspot, or a compromised ISP, just to name a few.
Quote:

HTTPS prevents intruders from being able to passively listen to communications between your websites and your users.

One common misconception about HTTPS is that the only websites that need HTTPS are those that handle sensitive communications. Every unprotected HTTP request can potentially reveal information about the behaviors and identities of your users. Although a single visit to one of your unprotected websites may seem benign, some intruders look at the aggregate browsing activities of your users to make inferences about their behaviors and intentions, and to de-anonymize their identities. For example, employees might inadvertently disclose sensitive health conditions to their employers just by reading unprotected medical articles.
Charles

Myka 01-02-2017 06:47 PM

Thanks Charles. Though I don't know what most of that means. :lol:

SoloSK71 01-02-2017 09:17 PM

The quick summary is that HTTPS protects more than just e-commerce.

It means it would be harder for someone's account to be hacked, and if people wanted to pass on PayPal OT Interac payments through PM's they would be secure while doing so.

It means that a malicious ad provider could not inject their ads instead of the ones the forum sponsors pay for.

Charles

DKoKoMan 01-02-2017 10:26 PM

Lost me... :biggrin:

Bugger 01-02-2017 11:36 PM

What would the site use it for?
Isen't this a node.js thing? Where you require("https") and then set to a variable and extract something from a website like the weather or something


All times are GMT. The time now is 11:47 PM.

Powered by vBulletin® Version 3.7.3
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.