HTTPS / SSL / IPv6 / SPDY support

Mick West

Metabunk now has experimental HTTPS / SSL support, meaning you can sign in and browse securely by just using the https protocol.

This might eventually apply to everything, but for now it requires you to manually start at an https page, so I suggest if you want to use it, then please update your bookmarks.

https://www.metabunk.org

Please let me know if you see any difference between a page in http and https.

(@qed)
 
Note if you switch to HTTPS you will have to log in again.

Currently you will see warnings for mixed content whenever there are linked images present - that's because currently images are hard-wired to http. If all goes well, I'll purge the site, so all internal links are http.

This thread should show up as a verified connection with no warnings, as it just uses attachments.

2013-11-20 14-45-47.jpg
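
The mixed-content situation described in the post above, as an added example that is not part of the original thread or the site's own code: a Python audit that lists `http://` subresources in a page served over HTTPS and upgrades only those on the site's own host. The sample HTML, its paths and the `example.net` hosts are constructed for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Tags whose src makes the browser fetch a subresource while rendering the page.
# Plain <a href> links are navigation, not mixed content, so they are not audited.
SRC_TAGS = {"img", "script", "iframe", "audio", "video", "source", "embed"}

class MixedContentAudit(HTMLParser):
    """Collect http:// subresources found in a page that is served over https."""

    def __init__(self, site_hosts):
        super().__init__()
        self.site_hosts = {h.lower() for h in site_hosts}
        self.findings = []  # (tag, url, "internal" | "external")

    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)
        url = None
        if tag in SRC_TAGS:
            url = attrs.get("src")
        elif tag == "link" and "stylesheet" in (attrs.get("rel") or "").lower().split():
            url = attrs.get("href")
        if not url:
            return
        parts = urlsplit(url.strip())
        if parts.scheme != "http":
            return  # https, relative and protocol-relative URLs raise no warning
        kind = "internal" if (parts.hostname or "") in self.site_hosts else "external"
        self.findings.append((tag, url, kind))

def audit(html, site_hosts):
    parser = MixedContentAudit(site_hosts)
    parser.feed(html)
    parser.close()
    return parser.findings

def upgrade_internal(html, site_hosts):
    """Rewrite only the site's own http:// subresource URLs to https://."""
    for _tag, url, kind in audit(html, site_hosts):
        if kind == "internal":
            html = html.replace(url, urlsplit(url)._replace(scheme="https").geturl())
    return html

SAMPLE = (  # constructed post HTML, not taken from the site
    '<p><a href="http://www.metabunk.org/threads/1/">a thread</a></p>'
    '<img src="http://www.metabunk.org/data/a.jpg">'
    '<img src="http://images.example.net/b.png">'
    '<img src="/data/c.jpg"><script src="https://cdn.example.net/x.js"></script>'
)
```

External `http://` images are reported but left untouched, since the remote host may not serve HTTPS at all; those need to be re-hosted or proxied before the page is free of warnings.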
 
I've now gone full HTTPS, 256 bit encryption, screw the NSA! :)


Your connection to www.metabunk.org is encrypted with 256-bit encryption.

The connection uses TLS 1.0.

The connection is encrypted using AES_256_CBC, with SHA1 for message authentication and ECDHE_RSA as the key exchange mechanism.
Content from External Source
Seriously though, the entire site content now should be secure, so there should be zero warnings.

Apologies for logging everyone out.

And for the record, this costs an additional $8 per year, with a wee bit of additional housekeeping, and the initial cleanup.

Server load seems to have gone from around .15 to .20. Slight drop in responsiveness, but not significant.
[Update, actually it seems to have hardly changed, now it's settled down, load average at 0.13]

I'm glad @qed suggested this, as the insecure login process with the forum has always worried me a little. And the endpoint-to-endpoint encryption prevents any plausible snooping or spam injection.
 
And since we are moving towards the future, I have (in theory) enabled IPv6 support.

Of course I can't actually test it, as my ISP does not support IPv6, but other people should be able to use it.
 
The fixed SSL has now also allowed me to implement SPDY, which I just did today. Hopefully without breaking anything.
 
And now added ngx_pagespeed. Which has a bit more potential for breaking things, as it re-writes the pages to make them faster. So let me know if it breaks.
 