amuck-landowner

POLL: SSL for vpsBoard. Optional or forced site-wide?

W

willie

Active Member
I voted encrypt everything.  At minimum, the login form target (that receives the user password, it may actually be an ajax target) should always be encrypted, even if encryption for the rest of the site is optional.  Sending passwords in the clear is no longer an ok practice.

Added: if encryption is optional, it should be enabled by default, and if someone disables it, that should be displayed in their user profile for others to see.  Nobody with encryption enabled should send a PM with anything private in it if the recipient is going to read it without encryption.  So if a user has encryption turned off, potential PM senders should be notified of this. 

I think it's better to just make the encryption mandatory though, unless perhaps the Comcast story is checked out and confirmed to be real.  At the moment I don't see any persuasive evidence for it.  I see some anecdotes of slow transfers that to me have likelier explanations that don't involve Comcast slowing down ssl transfers.
 
Last edited by a moderator:
wlanboy

wlanboy

Content Contributer
Voted for optional.

Should work if IPB is only using relative paths for everything.

The full approach does not have this precariousness, but https does only secure the content, not the call (target url) itself - so it's not needed .for a board.
 
W

willie

Active Member
wlanboy said:
but https does only secure the content, not the call (target url) itself - so it's not needed .for a board.
Click to expand...
I don't understand what you mean by that. 

1) the path component of the url (i.e. the part after the hostname) is sent through the SSL connection, so it's encrypted, though in some cases the length in bytes might allow inferring it (turn off the SEO-ified url's would make the lengths the same). 

2) It's relatively ok if it's visible that someone has just posted to the login form (i.e. they are logging in).  But the post contents (containing the user password) should always be encrypted.  Doing anything else is just inviting trouble in this world of wifi sniffers everywhere.
 
Last edited by a moderator:
kaniini

kaniini

Beware the bunny-rabbit!
Verified Provider
My opinion is simple -- force it and use HSTS to ensure it remains sticky in browsers.
 
wlanboy

wlanboy

Content Contributer
willie said:
...
Click to expand...
What I wanted to say was:


GET http://vpsboard.com/topic/2814-poll-ssl-for-vpsboard-optional-or-forced-site-wide/#entry41283 [HTTP/1.1 200 OK 577ms]
GET http://vpsboard.com/public/min/index.php?ipbv=a72dbde1c284a4c592d0e6223223b5d0&f=public/style_css/css_6/footer.css,public/style_css/css_6/custom.css,public/style_css/css_6/calendar_select.css,public/style_css/css_6/ipb_common.css,public/style_css/css_6/ipb_styles.css,public/style_css/css_6/ipb_ckeditor.css,public/style_css/prettify.css [HTTP/1.1 304 Not Modified 281ms]
GET http://vpsboard.com/public/min/index.php?ipbv=a72dbde1c284a4c592d0e6223223b5d0&g=js [HTTP/1.1 304 Not Modified 421ms]
GET http://vpsboard.com/public/min/index.php?ipbv=a72dbde1c284a4c592d0e6223223b5d0&charset=UTF-8&f=public/js/ipb.js,cache/lang_cache/2/ipb.lang.js,public/js/ips.hovercard.js,public/js/ips.quickpm.js,public/js/ips.board.js,public/js/ips.textEditor.bbcode.js,public/js/ips.textEditor.js,public/js/ips.topic.js,public/js/ips.like.js [HTTP/1.1 304 Not Modified 530ms]
GET http://vpsboard.com/public/style_css/css_6/ipb_print.css [HTTP/1.1 304 Not Modified 671ms]
GET http://vpsboard.com/public/js/3rd_party/ckeditor/ckeditor.js?nck=393844341de5ef1f95b315754bc263c6 [HTTP/1.1 304 Not Modified 936ms]
GET http://vpsboard.com/public/js/3rd_party/prettify/prettify.js [HTTP/1.1 304 Not Modified 1061ms]
GET http://vpsboard.com/public/js/3rd_party/prettify/lang-sql.js [HTTP/1.1 304 Not Modified 1310ms]
GET http://vpsboard.com/public/js/3rd_party/lightbox.js [HTTP/1.1 304 Not Modified 1201ms]
GET http://analytics.vpsboard.com/piwik.js [HTTP/1.1 304 Not Modified 515ms]
GET http://www.gravatar.com/avatar/c0bbe74bf5a4c938819a7bee4a7716e2?s=100&d=http%3A%2F%2Fvpsboard.com%2Fpublic%2Fstyle_images%2Fmemory%2Fprofile%2Fdefault_large.png [HTTP/1.1 304 Not Modified 16ms]
GET http://vpsboard.com/public/style_images/6_logo.png [HTTP/1.1 304 Not Modified 687ms]
GET http://vpsboard.com/public/style_images/memory/useropts_arrow.png [HTTP/1.1 304 Not Modified 812ms]
GET http://vpsboard.com/uploads/profile/photo-thumb-1.jpg?_r=1385436768 [HTTP/1.1 304 Not Modified 1061ms]
GET http://vpsboard.com/public/style_images/memory/profile/default_large.png [HTTP/1.1 304 Not Modified 1202ms]
GET http://vpsboard.com/uploads/profile/photo-thumb-7.gif?_r=1369209518 [HTTP/1.1 304 Not Modified 1326ms]
GET http://vpsboard.com/uploads/profile/photo-thumb-1059.jpg?_r=1383319092 [HTTP/1.1 304 Not Modified 1685ms]
GET http://vpsboard.com/uploads/profile/photo-472.png?_r=1371599877 [HTTP/1.1 304 Not Modified 1810ms]
GET http://www.gravatar.com/avatar/4d58bf5c1597ebd6beb25719b50f9d6d?s=100&d=http%3A%2F%2Fvpsboard.com%2Fpublic%2Fstyle_images%2Fmemory%2Fprofile%2Fdefault_large.png [HTTP/1.1 302 Found 47ms]
GET http://www.gravatar.com/avatar/87d740fd1a8d50efefe18cae5c2143f2?s=100&d=http%3A%2F%2Fvpsboard.com%2Fpublic%2Fstyle_images%2Fmemory%2Fprofile%2Fdefault_large.png [HTTP/1.1 304 Not Modified 63ms]
GET http://vpsboard.com/uploads/profile/photo-thumb-1072.jpg?_r=1384833197 [HTTP/1.1 304 Not Modified 1950ms]
GET http://www.gravatar.com/avatar/2b1b5b56fdb3c8bfde7a08b24c0ccc31?s=100&d=http%3A%2F%2Fvpsboard.com%2Fpublic%2Fstyle_images%2Fmemory%2Fprofile%2Fdefault_large.png [HTTP/1.1 304 Not Modified 63ms]
GET http://ac1.vpsboard.com/data/sides/ [HTTP/1.1 200 OK 968ms]
GET http://vpsboard.com/public/style_images/memory/icon_users.png [HTTP/1.1 304 Not Modified 2060ms]
GET http://vpsboard.com/public/style_images/memory/bullet_star_rated.png [HTTP/1.1 304 Not Modified 2200ms]
GET http://vpsboard.com/public/style_images/memory/icon_share.png [HTTP/1.1 304 Not Modified 2309ms]
GET http://vpsboard.com/public/style_extra/team_icons/admin.png [HTTP/1.1 304 Not Modified 2559ms]
GET http://www.gravatar.com/avatar/cb4d190c5756002d12484d96d81a9f29?s=100&d=http%3A%2F%2Fvpsboard.com%2Fpublic%2Fstyle_images%2Fmemory%2Fprofile%2Fdefault_large.png [HTTP/1.1 302 Found 78ms]
GET http://vpsboard.com/public/style_images/memory/bullet_black.png [HTTP/1.1 304 Not Modified 2699ms]
GET http://vpsboard.com/public/style_images/memory/icon_quicknav.png [HTTP/1.1 304 Not Modified 2792ms]
GET http://vpsboard.com/public/style_images/memory/icon_inbox.png [HTTP/1.1 304 Not Modified 2917ms]
GET http://vpsboard.com/public/style_images/memory/icon_notify.png [HTTP/1.1 304 Not Modified 3042ms]
GET http://vpsboard.com/public/style_images/memory/header_dropdown.png [HTTP/1.1 304 Not Modified 3167ms]
GET http://vpsboard.com/public/style_images/memory/bg.png [HTTP/1.1 304 Not Modified 3432ms]
GET http://vpsboard.com/public/style_images/memory/advanced_search.png [HTTP/1.1 304 Not Modified 3541ms]
GET http://vpsboard.com/public/style_images/memory/search_icon.png [HTTP/1.1 304 Not Modified 3666ms]
GET http://vpsboard.com/public/style_images/memory/topic_button.png [HTTP/1.1 304 Not Modified 3791ms]
GET http://vpsboard.com/public/style_images/memory/maintitle.png [HTTP/1.1 304 Not Modified 3916ms]
GET http://vpsboard.com/public/style_images/memory/gradient_bg.png [HTTP/1.1 304 Not Modified 4181ms]
GET http://vpsboard.com/public/style_images/memory/like_button.png [HTTP/1.1 304 Not Modified 4290ms]
GET http://vpsboard.com/public/style_images/memory/icon_warning.png [HTTP/1.1 304 Not Modified 4415ms]
GET http://i2.wp.com/vpsboard.com/public/style_images/memory/profile/default_large.png [HTTP/1.1 304 Not Modified 16ms]
GET http://vpsboard.com/public/js/3rd_party/ckeditor/ips_config.js?t=393844341de5ef1f95b315754bc263c6 [HTTP/1.1 304 Not Modified 1046ms]
GET http://analytics.vpsboard.com/piwik.php?action_name=POLL...................................... [HTTP/1.1 200 OK 983ms]
GET http://vpsboard.com/public/style_images/memory/top.png [HTTP/1.1 304 Not Modified 4087ms]
GET http://vpsboard.com/public/style_images/memory/feed.png [HTTP/1.1 304 Not Modified 4196ms]
GET http://vpsboard.com/public/style_images/memory/cal_weekday.png [HTTP/1.1 304 Not Modified 4321ms]
GET http://vpsboard.com/public/style_images/memory/snapback.png [HTTP/1.1 304 Not Modified 4337ms]
GET http://vpsboard.com/public/style_images/memory/lightbox/loading.gif [HTTP/1.1 304 Not Modified 4602ms]
GET http://vpsboard.com/public/style_images/memory/lightbox/closelabel.gif [HTTP/1.1 304 Not Modified 4727ms]
GET http://vpsboard.com/public/js/3rd_party/ckeditor/skins/ips/skin.js?t=393844341de5ef1f95b315754bc263c6 [HTTP/1.1 304 Not Modified 983ms]
GET http://vpsboard.com/public/js/3rd_party/ckeditor/skins/ips/editor.css?t=393844341de5ef1f95b315754bc263c6 [HTTP/1.1 304 Not Modified 843ms]
GET http://vpsboard.com/public/js/3rd_party/ckeditor/lang/ipb.js?t=393844341de5ef1f95b315754bc263c6 [HTTP/1.1 304 Not Modified 1591ms]
GET http://vpsboard.com/public/style_images/memory/editor/toolbar_bg.png [HTTP/1.1 304 Not Modified 1248ms]
GET http://vpsboard.com/public/js/3rd_party/ckeditor/skins/ips/images/sprites.png [HTTP/1.1 304 Not Modified 1358ms]
GET http://vpsboard.com/public/js/3rd_party/ckeditor/plugins/styles/styles/default.js?t=393844341de5ef1f95b315754bc263c6 [HTTP/1.1 304 Not Modified 749ms]

If someone really wants to have the "full approach" everything has to be done through SSL:

So that 4 calls too.

  1. Switching the profile pix to another url
  2. Decide to turn of gravatar
  3. Buy a wildcard SSL cert for analytics and the ads
Right just because the piwik call does include quite a lot of information.
 
Coastercraze

Coastercraze

Top Thrill
Verified Provider
Other / doesn't matter to me. If it helps people with their overzealous firewalls at work, then have at it. :)
 
Shados

Shados

Professional Snake Miner
wlanboy said:
What I wanted to say was:




GET http://vpsboard.com/topic/2814-poll-ssl-for-vpsboard-optional-or-forced-site-wide/#entry41283 [HTTP/1.1 200 OK 577ms]
GET http://vpsboard.com/public/min/index.php?ipbv=a72dbde1c284a4c592d0e6223223b5d0&f=public/style_css/css_6/footer.css,public/style_css/css_6/custom.css,public/style_css/css_6/calendar_select.css,public/style_css/css_6/ipb_common.css,public/style_css/css_6/ipb_styles.css,public/style_css/css_6/ipb_ckeditor.css,public/style_css/prettify.css [HTTP/1.1 304 Not Modified 281ms]
GET http://vpsboard.com/public/min/index.php?ipbv=a72dbde1c284a4c592d0e6223223b5d0&g=js [HTTP/1.1 304 Not Modified 421ms]
GET http://vpsboard.com/public/min/index.php?ipbv=a72dbde1c284a4c592d0e6223223b5d0&charset=UTF-8&f=public/js/ipb.js,cache/lang_cache/2/ipb.lang.js,public/js/ips.hovercard.js,public/js/ips.quickpm.js,public/js/ips.board.js,public/js/ips.textEditor.bbcode.js,public/js/ips.textEditor.js,public/js/ips.topic.js,public/js/ips.like.js [HTTP/1.1 304 Not Modified 530ms]
GET http://vpsboard.com/public/style_css/css_6/ipb_print.css [HTTP/1.1 304 Not Modified 671ms]
GET http://vpsboard.com/public/js/3rd_party/ckeditor/ckeditor.js?nck=393844341de5ef1f95b315754bc263c6 [HTTP/1.1 304 Not Modified 936ms]
GET http://vpsboard.com/public/js/3rd_party/prettify/prettify.js [HTTP/1.1 304 Not Modified 1061ms]
GET http://vpsboard.com/public/js/3rd_party/prettify/lang-sql.js [HTTP/1.1 304 Not Modified 1310ms]
GET http://vpsboard.com/public/js/3rd_party/lightbox.js [HTTP/1.1 304 Not Modified 1201ms]
GET http://analytics.vpsboard.com/piwik.js [HTTP/1.1 304 Not Modified 515ms]
GET http://www.gravatar.com/avatar/c0bbe74bf5a4c938819a7bee4a7716e2?s=100&d=http%3A%2F%2Fvpsboard.com%2Fpublic%2Fstyle_images%2Fmemory%2Fprofile%2Fdefault_large.png [HTTP/1.1 304 Not Modified 16ms]
GET http://vpsboard.com/public/style_images/6_logo.png [HTTP/1.1 304 Not Modified 687ms]
GET http://vpsboard.com/public/style_images/memory/useropts_arrow.png [HTTP/1.1 304 Not Modified 812ms]
GET http://vpsboard.com/uploads/profile/photo-thumb-1.jpg?_r=1385436768 [HTTP/1.1 304 Not Modified 1061ms]
GET http://vpsboard.com/public/style_images/memory/profile/default_large.png [HTTP/1.1 304 Not Modified 1202ms]
GET http://vpsboard.com/uploads/profile/photo-thumb-7.gif?_r=1369209518 [HTTP/1.1 304 Not Modified 1326ms]
GET http://vpsboard.com/uploads/profile/photo-thumb-1059.jpg?_r=1383319092 [HTTP/1.1 304 Not Modified 1685ms]
GET http://vpsboard.com/uploads/profile/photo-472.png?_r=1371599877 [HTTP/1.1 304 Not Modified 1810ms]
GET http://www.gravatar.com/avatar/4d58bf5c1597ebd6beb25719b50f9d6d?s=100&d=http%3A%2F%2Fvpsboard.com%2Fpublic%2Fstyle_images%2Fmemory%2Fprofile%2Fdefault_large.png [HTTP/1.1 302 Found 47ms]
GET http://www.gravatar.com/avatar/87d740fd1a8d50efefe18cae5c2143f2?s=100&d=http%3A%2F%2Fvpsboard.com%2Fpublic%2Fstyle_images%2Fmemory%2Fprofile%2Fdefault_large.png [HTTP/1.1 304 Not Modified 63ms]
GET http://vpsboard.com/uploads/profile/photo-thumb-1072.jpg?_r=1384833197 [HTTP/1.1 304 Not Modified 1950ms]
GET http://www.gravatar.com/avatar/2b1b5b56fdb3c8bfde7a08b24c0ccc31?s=100&d=http%3A%2F%2Fvpsboard.com%2Fpublic%2Fstyle_images%2Fmemory%2Fprofile%2Fdefault_large.png [HTTP/1.1 304 Not Modified 63ms]
GET http://ac1.vpsboard.com/data/sides/ [HTTP/1.1 200 OK 968ms]
GET http://vpsboard.com/public/style_images/memory/icon_users.png [HTTP/1.1 304 Not Modified 2060ms]
GET http://vpsboard.com/public/style_images/memory/bullet_star_rated.png [HTTP/1.1 304 Not Modified 2200ms]
GET http://vpsboard.com/public/style_images/memory/icon_share.png [HTTP/1.1 304 Not Modified 2309ms]
GET http://vpsboard.com/public/style_extra/team_icons/admin.png [HTTP/1.1 304 Not Modified 2559ms]
GET http://www.gravatar.com/avatar/cb4d190c5756002d12484d96d81a9f29?s=100&d=http%3A%2F%2Fvpsboard.com%2Fpublic%2Fstyle_images%2Fmemory%2Fprofile%2Fdefault_large.png [HTTP/1.1 302 Found 78ms]
GET http://vpsboard.com/public/style_images/memory/bullet_black.png [HTTP/1.1 304 Not Modified 2699ms]
GET http://vpsboard.com/public/style_images/memory/icon_quicknav.png [HTTP/1.1 304 Not Modified 2792ms]
GET http://vpsboard.com/public/style_images/memory/icon_inbox.png [HTTP/1.1 304 Not Modified 2917ms]
GET http://vpsboard.com/public/style_images/memory/icon_notify.png [HTTP/1.1 304 Not Modified 3042ms]
GET http://vpsboard.com/public/style_images/memory/header_dropdown.png [HTTP/1.1 304 Not Modified 3167ms]
GET http://vpsboard.com/public/style_images/memory/bg.png [HTTP/1.1 304 Not Modified 3432ms]
GET http://vpsboard.com/public/style_images/memory/advanced_search.png [HTTP/1.1 304 Not Modified 3541ms]
GET http://vpsboard.com/public/style_images/memory/search_icon.png [HTTP/1.1 304 Not Modified 3666ms]
GET http://vpsboard.com/public/style_images/memory/topic_button.png [HTTP/1.1 304 Not Modified 3791ms]
GET http://vpsboard.com/public/style_images/memory/maintitle.png [HTTP/1.1 304 Not Modified 3916ms]
GET http://vpsboard.com/public/style_images/memory/gradient_bg.png [HTTP/1.1 304 Not Modified 4181ms]
GET http://vpsboard.com/public/style_images/memory/like_button.png [HTTP/1.1 304 Not Modified 4290ms]
GET http://vpsboard.com/public/style_images/memory/icon_warning.png [HTTP/1.1 304 Not Modified 4415ms]
GET http://i2.wp.com/vpsboard.com/public/style_images/memory/profile/default_large.png [HTTP/1.1 304 Not Modified 16ms]
GET http://vpsboard.com/public/js/3rd_party/ckeditor/ips_config.js?t=393844341de5ef1f95b315754bc263c6 [HTTP/1.1 304 Not Modified 1046ms]
GET http://analytics.vpsboard.com/piwik.php?action_name=POLL...................................... [HTTP/1.1 200 OK 983ms]
GET http://vpsboard.com/public/style_images/memory/top.png [HTTP/1.1 304 Not Modified 4087ms]
GET http://vpsboard.com/public/style_images/memory/feed.png [HTTP/1.1 304 Not Modified 4196ms]
GET http://vpsboard.com/public/style_images/memory/cal_weekday.png [HTTP/1.1 304 Not Modified 4321ms]
GET http://vpsboard.com/public/style_images/memory/snapback.png [HTTP/1.1 304 Not Modified 4337ms]
GET http://vpsboard.com/public/style_images/memory/lightbox/loading.gif [HTTP/1.1 304 Not Modified 4602ms]
GET http://vpsboard.com/public/style_images/memory/lightbox/closelabel.gif [HTTP/1.1 304 Not Modified 4727ms]
GET http://vpsboard.com/public/js/3rd_party/ckeditor/skins/ips/skin.js?t=393844341de5ef1f95b315754bc263c6 [HTTP/1.1 304 Not Modified 983ms]
GET http://vpsboard.com/public/js/3rd_party/ckeditor/skins/ips/editor.css?t=393844341de5ef1f95b315754bc263c6 [HTTP/1.1 304 Not Modified 843ms]
GET http://vpsboard.com/public/js/3rd_party/ckeditor/lang/ipb.js?t=393844341de5ef1f95b315754bc263c6 [HTTP/1.1 304 Not Modified 1591ms]
GET http://vpsboard.com/public/style_images/memory/editor/toolbar_bg.png [HTTP/1.1 304 Not Modified 1248ms]
GET http://vpsboard.com/public/js/3rd_party/ckeditor/skins/ips/images/sprites.png [HTTP/1.1 304 Not Modified 1358ms]
GET http://vpsboard.com/public/js/3rd_party/ckeditor/plugins/styles/styles/default.js?t=393844341de5ef1f95b315754bc263c6 [HTTP/1.1 304 Not Modified 749ms]

If someone really wants to have the "full approach" everything has to be done through SSL:

So that 4 calls too.

  1. Switching the profile pix to another url
  2. Decide to turn of gravatar
  3. Buy a wildcard SSL cert for analytics and the ads
Right just because the piwik call does include quite a lot of information.
Click to expand...
Or instead of turning off Gravatar, just use their HTTPS URL...?
 
W

willie

Active Member
Wlanboy, ok, I see what you mean about those urls now, good point.  IMHO Gravatar should be shut off altogether, since it's invasive (receives referer urls of every page you view) and slows down page loading miserably.  I adblocked it ages ago and forgot about it.  It looks like there's a static file from i2.wp.com that presumably should be served directly from vpsb.  That leaves analytics, which I'd get rid of if it were up to me, but using a wildcard cert or a second $5 cert seems like an ok alternative.  Or somehow put it on the same domain as the main site.
 
HalfEatenPie

HalfEatenPie

The Irrational One
Retired Staff
willie said:
Wlanboy, ok, I see what you mean about those urls now, good point.  IMHO Gravatar should be shut off altogether, since it's invasive (receives referer urls of every page you view) and slows down page loading miserably.  I adblocked it ages ago and forgot about it.  It looks like there's a static file from i2.wp.com that presumably should be served directly from vpsb.  That leaves analytics, which I'd get rid of if it were up to me, but using a wildcard cert or a second $5 cert seems like an ok alternative.  Or somehow put it on the same domain as the main site.
Click to expand...
if you dislike the analytic, then here you go:

http://vpsboard.com/privacypolicy/

Analytic TracingWe track and collect non-identifiable data on visitors to determine browsing habits and traffic data. This information is never sold, and is only used to determine the growth of the site, peak times of traffic, areas of the world our visitors are coming from, etc. You may opt-out of tracking by following the URL here: http://analytics.vpsboard.com/index.php?module=CoreAdminHome&action=optOut&language=en
Click to expand...
 
peterw

peterw

New Member
Shados said:
Or instead of turning off Gravatar, just use their HTTPS URL...?
Click to expand...
Gravatar can be blocked on client side. He is right that ads and analytics have to switch to ssl too.

willie said:
Wlanboy, ok, I see what you mean about those urls now, good point.  IMHO Gravatar should be shut off altogether, since it's invasive (receives referer urls of every page you view) and slows down page loading miserably.  I adblocked it ages ago and forgot about it.  It looks like there's a static file from i2.wp.com that presumably should be served directly from vpsb.  That leaves analytics, which I'd get rid of if it were up to me, but using a wildcard cert or a second $5 cert seems like an ok alternative.  Or somehow put it on the same domain as the main site.
Click to expand...
Analytics do have a opt-out. But what about ads? Should be ssl too.
 
MannDude

MannDude

Just a dude
vpsBoard Founder
Moderator
Yes, you can opt out of tracking via the privacy policy. No, I will not disable analytics, though. I removed Google analytics and moved everything in house for those worried about 3rd party tracking, but I still need to know where traffic is coming from and other website metrics. It's not 100% accurate as many have opted out, which is fine, but disabling sitewide is not an option I'm interested in. Knowing what sites are referring traffic here, knowing what pages/threads are popular a particular week, having graphs to measure growth, etc is something I don't want to live without. The only revealing information in analytics are IP addresses and geolocation, which I can see anyway from the backend for the forum.

I maybe open to gravatar removal... but it'll have to go to vote. The site looks awful with those default avatars when you have a bunch in a row.

Anything else? Should I use the certificate I recently purchased for something else since it's not a wildcard one?

Tell me what you want.
 
Damian

Damian

New Member
Verified Provider
I will admit that I don't really see what the big deal is that we need to have discussion, then a vote about it? We're not running websites on a Pentium III anymore (I hope...), the 'additional CPU load' is negligible.

Do it and make the clients (including me) happy.
 
MannDude

MannDude

Just a dude
vpsBoard Founder
Moderator
peterw said:
What about the comunity projects? Git, Imagehosting a.s.o.?
Click to expand...
If there is a concern for those too, then sure. Novacha manages the Git server, wlanboy manages the image hosting one... not sure what ASO is but I'll supply the certificates.
 
MannDude

MannDude

Just a dude
vpsBoard Founder
Moderator
Damian said:
I will admit that I don't really see what the big deal is that we need to have discussion, then a vote about it? We're not running websites on a Pentium III anymore (I hope...), the 'additional CPU load' is negligible.

Do it and make the clients (including me) happy.
Click to expand...
My main concern has been performance, but I am hearing it shouldn't be an issue.

I've already got enough performance issues over the past several months and have been hesitant to add something else on top of that. Was going to move to BuyVM's east coast location as it's best, geographically, for the user base. Have been planning the SSL stuff for a while, but and was going to only do it after I migrated data, swapped Lighttpd for nginx and just rebuilt the server. But my invoice was due and I went ahead and paid another 3 months in Vegas since I had nowhere else to go.

I just seriously never realized how urgent the matter was to everyone, so I had no problem delaying it until I set aside a day to do the migration. But I see now that it's been brought up, it's very important that it gets done ASAP. I'll do it tonight after work.
 
InertiaNetworks-John

InertiaNetworks-John

Inertia Networks, LLC
Verified Provider
One problem that might cause some things to break is that you allow users to embed images from external sites, that do not have to be secure.

This problem could be solved by making them upload them to vpsBoard or making it be from a https enabled server.
 
You must log in or register to reply here.
Top
amuck-landowner