New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Comments
Anything else to help you sleep good at night?
@chief getting involved. (I know it is a dream)
Who is @Chief? /s
https://www.lowendtalk.com
>Implying @Chief would spring for an EV cert.
>Implying LET has the proper documents for an EV cert
If you're going to have SSL, have it everywhere. Just on login will do shit all for security as you can intercept session cookies elsewhere.
EV SSL Certs are so dumb. I would say about 99.1% of all users dont know/care about it
Wait. Let me get this straight: you mean to say tech-illiterate people don't know that in order to get the EV cert, you have to submit a bunch of documents proving you're a real business??? And on top of that, they don't know what an EV cert is??!?
You going to fly to New Zealand, find my address, come to my house, crack my 24 digit WiFi password and then sniff packets just to find my LET password? Go ahead.
Agree
And despite that, big companies like Valve still do it ¬_¬ useless.
New Zealand, here I come. Where did you say you lived in NZ again? Also, for security purposes, I'm going to need to verify your Wifi password.
just take his internet connect and put a hub on it with wireshark
I guess there is a more common scenario. Right now I use a LEB provider here to proxy my Internet connection. Without HTTPS, in theory, he could steal my password and session (cookies).
Funny how some folks demand almost similar documents/"proof" for a LEB host offer
And cue conspiracy theories.
Chief shot JFK
Liam is Justin Bieber's brother from a one night stand that the Bieber family won't agree to DNA tests for
Infinity snitched on bin Laden, leading to his death
This may interest a few people:
https://www.eff.org/https-everywhere
LET uses Nginx so why not SSL for SPDY support ?
@eva2000 - It runs on Nginx 1.0.13 - For proper SPDY support it needs to run Nginx 1.4. I think that a better option would be to just turn on the CloudFlare features and call it a day ;-)
I am now going to watch Logan's Run, sometime I like the runners, sometimes I like the sandmen.
pie > cake
^ I concur.
Hey Mr. @Mun I like pie...
Off-topic:
Does LET even have IPv6?
No, but LET once had Thanks button, does that count?
NEWBIE ! Control Panel - I need free / open source
I like Zpanel. what else is out there these days, needing something really very easy to be used.
Webmin is a bit of unfriendly to newbies.
Do I need to continue?
HTTPS on LET and similar forums is useful for at least one purpose: to protect people who use the same password in more than one place. E.g. on LET and in their E-Mail account. Yes you can say they shouldn't do that in the first place, but really, a cert from StartSSL is free, and I see no downsides from adding it (other than "oh but it's a whole 15 minutes of effort").
Having it NOT work on some devices/browsers can be detrimental when users are faced with a bright red warning page. It's also not free as they use cloudflare and would need to upgrade accounts (assuming they currently use free.) If they don't use the free account, they wouldn't need to purchase any SSL certs at all - just let cloudflare handle SSL.
I think this handles SSL like: User <-SSL-> Cloudflare <-No SSL-> Server
It can, or you can have ssl in the backend as well.