Request: Use proper SSL connection for forum [resolved]

Jasper
Jasper
edited July 2014 in Lounge
This discussion was created from comments split from: PRISM and cloud syncing security.

Comments

  • jaydisc
    jaydisc
    Community Member

    Here's an idea... iOS 7 Background App Refresh combined with WiFI syncing. The only reason I've ever wanted "cloud" syncing is so I wouldn't forget to do it. Keeping the data out of the cloud completely would be best, and using iOS 7 Background App Refresh will solve the part about me forgetting to sync.

    P.S. You guys have a misconfigured SSL certificate for discussions.agilebits.com. Not a good look :)

  • Jasper
    Jasper

    Hi @jaydisc,

    Thanks for the suggestion! Automatic wi-fi syncing would be awesome. :)

    You guys have a misconfigured SSL certificate for discussions.agilebits.com.

    The forum does not use SSL. Of course you are right that we should be using SSL on the forum. We like to think that everyone posting here is using a unique password, but that really isn't a good excuse. Unfortunately moving to https is not something that is really simple, especially since our forum is hosted by a third party. With that said, we are looking into it with Vanilla (our forum provider).

  • RichardPayne
    RichardPayne
    Community Member

    The forum does not use SSL.

    Errmm, it does. I'm connected via SSL right now. I reported this ages ago but since you seem to be struggling to fix it, can I assume that you're only paying for a shared server? It is a trivially easy fix if you have a dedicated web server instance.

  • jaydisc
    jaydisc
    Community Member

    The problem is that the email notifications send https links to subscribed content for notifications, so every time one of those links is followed... SSL error.

    I still think you should implement Background App Refresh with WiFi Syncing. Hope that didn't get lost in the SSL discussion.

  • benfdc
    benfdc
    Community Member

    I'm seeing the same issue as @jaydisc with my email notifications.

  • Jasper
    Jasper
    edited May 2014

    The forum does not use SSL correctly. As I'm sure you've noticed, the certificate is not valid (host name mismatch).

    can I assume that you're only paying for a shared server? It is a trivially easy fix if you have a dedicated web server instance.

    We don't host the forum, Vanilla does.

    Like I said in my post above:

    Unfortunately moving to https is not something that is really simple, especially since our forum is hosted by a third party. With that said, we are looking into it with Vanilla (our forum provider).

    We definitely would like to use https here (with a correctly configured SSL certificate). It's a matter of working with Vanilla to get it implemented here.

    The problem is that the email notifications send https links to subscribed content for notifications, so every time one of those links is followed... SSL error.

    I didn't realize the email notifications included a https link. Thanks for the heads up!

    I still think you should implement Background App Refresh with WiFi Syncing. Hope that didn't get lost in the SSL discussion.

    Thanks for the suggestion! Automatic wi-fi syncing would be awesome. I'll pass your feedback along to the developers! :)

    I've split off these comments into a separate discussion, since this isn't related to PRISM and cloud syncing security.

    .

  • benfdc
    benfdc
    Community Member

    I didn't realize the email notifications included a https link. Thanks for the heads up!

    Some notifcations come with http links. Others, including the notifications for this thread, come with https links.

This discussion has been closed.