SSL

Have a question? Ask here, and a member of the staff will do their best to answer it for you!
Post Reply
Treymiar
Chief Petty Officer
Chief Petty Officer
Posts: 240
Joined: Sun Aug 04, 2013 2:15 am

SSL

Post by Treymiar » Mon Apr 13, 2015 11:01 am

SSL

You might have noticed, but many, many domains have begun protecting their websites with SSL, Secure Socket Layer. This generates an encrypted tunnel between the user and the website, turning and HTTP page into an HTTPS page. Certificates need to be renewed about every 3 years, I think. It doesn't require any redesign of your actual website content to implement it.

- This protects users from having ISPs, particularly internet cafes, from sniffing out passwords and message content. (Assuming that the cafe doesn't have worm-infested public workstations.) So when you go to your favorite restaurant and whip open your laptop, the house ISP can only log which sites you visit, not your login information or communications content.

- HTTPS also protects users from the newer 'Super Cookies', a recent and difficult to eradicate cyber tool which can easily be misused for privacy invasion.

A single SSL Certificate should be able to protect the entire pegasusfleet.net domain and all its hosted sites. For the prevention of ISP password theft alone, I heartily recommend it. I set it up for my own domain (on GoDaddy). I had to add a couple of lines to my root htaccess file, but once I did that, anyone who visited the old HTTP address is now seamlessly redirected into HTTPS protection. Most modern computer operating systems have SSL negotiation built into them. Is it NSA proof? Pffft... not even. They've long had keys to the back door.

{edit} An SSL certificate shouldn't be terribly expensive. If you decide to implement it, let me know how much it costs. I'll donate a few quatloos to help out.

- PSF
Image

"Sometimes, people become enemies because they don't understand each other.
Other times, they become enemies because they do."

Treymiar
Chief Petty Officer
Chief Petty Officer
Posts: 240
Joined: Sun Aug 04, 2013 2:15 am

Re: SSL

Post by Treymiar » Mon Apr 13, 2015 11:58 am

Post script:

If possible, Nova needs to be tested at a site which uses SSL. Make sure that it can display properly. I had some very old SMS sites at my domain which didn't display properly after installing SSL. Menu items were fine, but background and arrangements were off. This might have had something to do with the 'skin' trying to interact with 3rd party non-SSL, but that's purely a guess on my part. Nova is more advanced server software, so it might not have that problem. However, if it does, I'd hate to see all the PF sims get torpedoed. (Although, if you didn't invoke automatic redirect, then users could opt for the old unprotected HTTP path.) I personally would rather use protected HTTPS that looks wonky than unprotected pretty sites. But I'm getting ahead of myself. Nova might behave perfectly fine through SSL.

My phpbb forum works just fine after SSL was installed.

- PSF
Image

"Sometimes, people become enemies because they don't understand each other.
Other times, they become enemies because they do."

User avatar
Williams
Admin
Admin
Posts: 824
Joined: Fri Oct 09, 2009 2:20 pm
Location: England
Contact:

Re: SSL

Post by Williams » Wed Apr 15, 2015 8:03 pm

I'll take a look into it. Definitely worth looking into implementing, though I'll need to figure out a way of testing it before going live on it - as you said, we don't want any hosted sim sites to break, and both the Wiki and the main IFS site are pulling their primary font from an external Google cache, so we might need to shift that font to being hosted in-house if it causes issues with pulling in through 3rd parties.

Post Reply

Return to “Questions for PF Staff”