https redirects

[morgan]

I noticed a couple of things that should get fixed.

The "Home" button seems to be pointing to https://champcitabriadecathlonforums.com which breaks things if you click it and don't reset manually to https.

ccdforums.com redirects to http as well.

You should be able to set up your configuration to redirect everything to https. Not sure if you're using Apache or Nginx as a server engine. I probably have the configuration text at work although a quick search produces the results I was looking for.

https://www.tecmint.com/redirect-http-to-https-on-apache/

I think Nginx uses the same apache conf files.

Morgan

 

[Bartman]

I don't think we ever set up the site to run secure pages using https.....i remember we did that with MultiRotorForums.com back when I started/owned it.

What is the advantage for a small site like this to run securely? I kinda know what I'm doing here, kinda don't.

 

[JimParker256]

The biggest thing is that it helps prevent "man-in-the-middle" attacks, because your "certificate" is signed by a trusted authority. Prevents people from hijacking part (or all) of your site, and collecting passwords, etc.
But on the "plus" side, every page I go to (other than the couple of exceptions noted by "morgan" above are actually secure already (https:...).

 

[Bartman]

Is this still an active issue or did we decide we're good where we're at? Thanks

@morgan @JimParker256

 

[JimParker256]

I'm accessing everything on this site using "https" prefixes, so I guess that secure access overall is fixed. But the "home" button on the banner still tries to take you to a non-secured page (https://...), and generates a warning in Chrome and Safari browsers. (Haven't tried Chrome, and you can't pay me enough to use IE...) I just don't use the Home button. Easy fix would be to change your link to "https:/..." instead of "http:/..." in the code for that Home button.