add SSL so we can access boundforum securely over HTTPS
Posted: 02 May 2018, 18:08
Currently (2018-05-02) boundforum seems only to be accessible via HTTP, including the login page. I assume this means that users' logins and passwords are being transmitted across the internet in plaintext.
Navigating to HTTPS://boundforum.com/ shows a "not secure" warning in the browser address bar and resolves to a page that simply says "greybolt.com".
Given the topics discussed on the site and users' overwhelming interest in privacy, the forum should provide encrypted HTTPS connections by default.
Depending on the host operating system of the server, adding free SSL certificates from LetsEncrypt.org could be as simple as executing a few commands on the server. LetsEncrypt "Certbot" provides guides for a variety of OS-server combinations. For instance, Ubuntu 14.04 'trusty' + nginx:
```
# On Ubuntu systems, the Certbot team maintains a PPA. Once you add it to your list of repositories all you'll need to do is apt-get the following packages.
$ sudo apt-get update
$ sudo apt-get install software-properties-common
$ sudo add-apt-repository ppa:certbot/certbot
$ sudo apt-get update
$ sudo apt-get install python-certbot-nginx
```
```
# Running this command will get a certificate for you and have Certbot edit your Nginx configuration automatically to serve it:
$ sudo certbot --nginx
```
If you're feeling more conservative and would like to make the changes to your Nginx configuration by hand, you can use the certonly subcommand:
```
$ sudo certbot --nginx certonly
```
Alternatively, I think partial SSL encryption (between Cloudflare and users) can be enabled via the Cloudflare dashboard (assuming boundforum uses Cloudflare): https://www.cloudflare.com/ssl/
Cloudflare also provides documentation on how to set up full SSL via LetsEncrypt w/ certbot: Cloudflare Knowledgebase - How to Validate a Let’s Encrypt Certificate on a Site Already Active on Cloudflare
Let me know if I can help with any of this, or if I've misunderstood something. Thanks!
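For the hand-edited route (`certonly`) mentioned in the post, an nginx configuration along the following lines serves the site over HTTPS and redirects plain-HTTP requests, so the login page is never delivered unencrypted. This is an added example, not part of the original post and not the site's actual configuration; the certificate paths assume Certbot's default `/etc/letsencrypt/live/` layout, and the document root is a placeholder.

```nginx
# Added example. Assumes the certificate was issued for boundforum.com and
# stored in Certbot's default location; adjust names and paths to the real host.

# Plain HTTP: no content is served here, every request is sent to HTTPS.
server {
    listen 80;
    server_name boundforum.com;
    return 301 https://$host$request_uri;
}

# HTTPS: the forum itself.
server {
    listen 443 ssl;
    server_name boundforum.com;

    # fullchain.pem includes the intermediate certificate, which clients
    # need in order to build a trusted chain.
    ssl_certificate     /etc/letsencrypt/live/boundforum.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/boundforum.com/privkey.pem;

    ssl_protocols TLSv1.2;
    ssl_prefer_server_ciphers on;

    # HSTS tells returning browsers to skip HTTP entirely. Start with a
    # short max-age (one day here) and raise it once HTTPS is confirmed
    # to work for all pages.
    add_header Strict-Transport-Security "max-age=86400";

    root /var/www/boundforum;   # placeholder document root

    # The existing location blocks for the forum software go here unchanged.
}
```

Run `sudo nginx -t` to validate the edited configuration before reloading nginx.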