Page 1 of 1 [ 13 posts ] 

PM
Veteran
Veteran

User avatar

Joined: 14 Oct 2010
Age: 36
Gender: Male
Posts: 1,466
Location: Southeastern United States

29 Mar 2013, 6:24 pm

I have WP bookmarked under https://wrongplanet.net but whenever I go to the particular address, I get a Cloudfare error. However, http://wrongplanet.net functions normally.

Can this issue be resolved, or are security conscious users out of luck?


_________________
Who knows what evil lurks in the hearts of men?


FMX
Veteran
Veteran

User avatar

Joined: 16 Mar 2012
Gender: Male
Posts: 1,319

30 Mar 2013, 9:30 am

I got that too:

Quote:
This website is offline
No cached version is available


I thought WP was offline, but it turns out http:// works. I'm not impressed with CloudFlare so far.



PM
Veteran
Veteran

User avatar

Joined: 14 Oct 2010
Age: 36
Gender: Male
Posts: 1,466
Location: Southeastern United States

30 Mar 2013, 5:50 pm

Hmm, now i'm getting an SSL error saying that I have been directed to the hosting company's server.


_________________
Who knows what evil lurks in the hearts of men?


GGPViper
Veteran
Veteran

User avatar

Joined: 23 Sep 2009
Gender: Male
Posts: 5,880

01 Apr 2013, 10:13 am

Gah. Now I'm getting stonewalled by CloudFlare too.

Can't access WP at all with https...



mikassyna
Veteran
Veteran

User avatar

Joined: 4 Feb 2013
Age: 53
Gender: Female
Posts: 1,319
Location: New York, NY

01 Apr 2013, 10:19 am

I sometime get notifications by email of a response to a post. I use the link to access the site through the post and that usually clears it up, but I've been having ongoing errors with that too. Very frustrating!



FMX
Veteran
Veteran

User avatar

Joined: 16 Mar 2012
Gender: Male
Posts: 1,319

01 Apr 2013, 10:59 am

It's still happening every time for me. I reported it to CloudFlare support - we'll see what they say.



Cornflake
Administrator
Administrator

User avatar

Joined: 30 Oct 2010
Gender: Male
Posts: 73,316
Location: Over there

01 Apr 2013, 11:31 am

I'm probably missing something here - but aside from helping avoid the slim chance of a man-in-the-middle attack occurring on your connection, why is it necessary to have a secure link to post information which is visible to the general public?


_________________
Giraffe: a ruminant with a view.


FMX
Veteran
Veteran

User avatar

Joined: 16 Mar 2012
Gender: Male
Posts: 1,319

01 Apr 2013, 12:25 pm

It's not "necessary", of course, but I think it is desirable for a number of reasons:

*) Not all the information transmitted is public - especially not login credentials, but also PMs
*) Even the public information is only public for those who view WP and cannot easily be linked to your RL identity. You may not want everyone on your wireless network being able to read your posts.
*) If you're a bit more paranoid, you may also object to your ISP being able to track every page you read (your "clickstream")

IMO, HTTPS should become the standard web protocol - privacy should be the default. CPUs are more than fast enough nowadays, SSL certificates are cheap and it's pretty easy to set up. (Well, maybe not if CloudFlare is involved... ;))



FMX
Veteran
Veteran

User avatar

Joined: 16 Mar 2012
Gender: Male
Posts: 1,319

02 Apr 2013, 3:12 am

CloudFlare support have promptly fixed the issue. I have to give credit where credit is due, their support seems pretty good.



Cornflake
Administrator
Administrator

User avatar

Joined: 30 Oct 2010
Gender: Male
Posts: 73,316
Location: Over there

02 Apr 2013, 7:15 am

Fair point about the security when using WiFi.
My LAN is wired although I do run an access point (which spends most of its time off) on my server, used very occasionally for the smartphone or laptop, so the possibility of "open air" snooping doesn't really occur.
If my only access was via WiFi then I'd agree entirely with using https exclusively.

Excellent news about CloudFlare though!
That sort of responsiveness is rare - and very welcome - these days.


_________________
Giraffe: a ruminant with a view.


Vigilans
Veteran
Veteran

User avatar

Joined: 19 Jun 2008
Age: 38
Gender: Male
Posts: 12,181
Location: Montreal

06 Apr 2013, 5:28 pm

FMX wrote:
It's not "necessary", of course, but I think it is desirable for a number of reasons:

*) Not all the information transmitted is public - especially not login credentials, but also PMs
*) Even the public information is only public for those who view WP and cannot easily be linked to your RL identity. You may not want everyone on your wireless network being able to read your posts.
*) If you're a bit more paranoid, you may also object to your ISP being able to track every page you read (your "clickstream")

IMO, HTTPS should become the standard web protocol - privacy should be the default. CPUs are more than fast enough nowadays, SSL certificates are cheap and it's pretty easy to set up. (Well, maybe not if CloudFlare is involved... ;))


Completely agree with you. I think WP should always be accessed by HTTPS, personally. It would be nice if it were default.


_________________
Opportunities multiply as they are seized. -Sun Tzu
Nature creates few men brave, industry and training makes many -Machiavelli
You can safely assume that you've created God in your own image when it turns out that God hates all the same people you do


MakaylaTheAspie
Veteran
Veteran

User avatar

Joined: 21 Jun 2011
Age: 30
Gender: Non-binary
Posts: 14,565
Location: O'er the land of the so-called free and the home of the self-proclaimed brave. (Oregon)

06 Apr 2013, 5:56 pm

My family uses a dial-up connection because our broadband doesn't like us and frequently goes down. Plus, my family uses wireless devices all the time. I'd prefer the "https" over not being secure.


_________________
Hi there! Please refer to me as Moss. Unable to change my username to reflect that change. Have a nice day. <3


FMX
Veteran
Veteran

User avatar

Joined: 16 Mar 2012
Gender: Male
Posts: 1,319

08 Apr 2013, 2:32 am

It would be nice if the links to WP in notification emails (for topic replies, etc.) had an https:// URL for it. It's probably just one setting for all emails somewhere.