Results 11 to 20 of 28
-
July 31st, 2019, 01:41 AM #11
Re: Can we get some HTTPS up in here?
I've been around long enough to recall the referenced thread... Back then, I didn't care as much, but this idea has come due. No site should be non-SSL (TLS 1.2 or better) these days.
"A nation of sheep will beget a government of wolves." ― Edward R. Murrow
-
August 8th, 2019, 03:39 PM #12
Re: Can we get some HTTPS up in here?
As someone trying to change a forum to https, I can confirm the difficulty of such a venture. The cost benefit seems hardly worth it considering the nature of this forum.
Life has a melody. Not great, not terrible.
-
August 8th, 2019, 09:51 PM #13
Re: Can we get some HTTPS up in here?
I'd be more than willing to help get this set up. Working in IT, I deal with this constantly. I'd say the benefit is well worth it, as it confirms every user sending a username/password to the server isn't getting intercepted by a malicious party. Working with "end users" daily, it's common place for people to reuse passwords. While that habit is bad, it happens, and if those passwords can get stolen it increases chances of popping their other accounts.
Sorry for all the techy talk here, but just trying to add some benefit to the effort. If i'm able to assist I'd be glad to!
-
August 10th, 2019, 03:47 PM #14
Re: Can we get some HTTPS up in here?
it's not really hard AT ALL. the only work Dan (or whoever) has to do is generate some free certs, change the configs some, reboot apache or nginx or whatever and then make sure all non-https links are being proxied correctly so it doesn't result in a mixed content warning...
it's actually kind of a joke that in 2019, a political site like PAFOA isn't running over HTTPS...Peace, Prosperity, and Liberty
-
August 11th, 2019, 05:27 PM #15
Re: Can we get some HTTPS up in here?
No it's not, especially with lets encrypt. We just need an admin to get this going....
-
August 13th, 2019, 04:50 PM #16Super Member
- Join Date
- Jan 2012
- Location
-
somewhere,
Pennsylvania
- Posts
- 624
- Rep Power
- 21474849
Re: Can we get some HTTPS up in here?
Yes, Exactly. We are a big juicy target just waiting to be attacked. I'm confident there are elements out there that would love to identify and dox our users.
Whether you want to admit it or not, lack of HTTPS does put our members at risk. Not all of our members are tech savvy and I believe forums like this one should endeavor to provide HTTPS, at a minimum, in order to attempt to protect the privacy and security of our users. In 2019, it's almost negligent not to do so.
In addition to the password reuse issue, anyone who uses the PM feature to contact another member about an item in the classifieds has to disclose some sort of alternate contact info which could itself be considered sensitive. I'm betting not everyone creates a new burner email every time and then monitors it diligently for a reply.
In case anyone hasn't noticed, gun rights are under attack, and the opposition doesn't really seem to care about fighting fair.
I'm very thankful to those who have volunteered their time to help fix this issue. I'm hoping someone with the authority to act takes someone up on their offer.I am not a lawyer.
-
August 13th, 2019, 08:13 PM #17
Re: Can we get some HTTPS up in here?
Can we get an admin to weigh in? What's it going to take? Money? Labor? I will help with both. This really needs to happen - we need to secure this site and everything that goes between it and our members.
"A nation of sheep will beget a government of wolves." ― Edward R. Murrow
-
August 13th, 2019, 09:16 PM #18
-
August 18th, 2019, 07:26 PM #19
-
August 18th, 2019, 07:27 PM #20
Re: Can we get some HTTPS up in here?
last I knew, danp owned the site. as per their team listing, it still says he's an admin:
http://forum.pafoa.org/showgroups.phpPeace, Prosperity, and Liberty
Similar Threads
-
Move to https://
By free in forum Support & SuggestionsReplies: 38Last Post: March 21st, 2016, 10:23 PM -
https://thefirearmlawyers.com
By carl_g in forum NFA/Class 3/Title IIReplies: 0Last Post: December 30th, 2014, 09:49 PM -
https://www.checkpointusa.org unbelievable
By Biggworm in forum GeneralReplies: 0Last Post: January 7th, 2009, 04:53 AM
Bookmarks