You don't lose support for TLS, since Apache supports TLS. It's just
running Fossil as a CGI -- this is exactly how ChiselApp works.
On Tue, 27 Feb 2018, Warren Young wrote:
On Feb 26, 2018, at 3:33 PM, Thomas Levine <[email protected]> wrote:
Since it seems that the only dynamic stuff is in PHP and fossil,
I suggest using Apache mod_php and mod_cgi (contrary to Warren's
suggestion), as I think the configuration will be easier.
Of course, but then you lose HTTPS, which is the only reason my configuration
is difficult at all. If all you wanted is reverse proxying, you?d do away with
steps 1-6, simplifying the HOWTO considerably.
I don?t view TLS as optional for password-protected public web resources in
these post-Firesheep days.
Even if you don?t care about your own Fossil repo?s security, Google has been
punishing sites that are not available via HTTPS for a couple of years now,
both through reduced rankings in the search engine and through increasingly
strident warnings in Chrome.
That?s not speculation, Google?s been announcing these things publicly:
https://webmasters.googleblog.com/2014/08/https-as-ranking-signal.html
https://developers.google.com/web/updates/2016/10/avoid-not-secure-warn
There may come a day when going to an HTTP-only web site will require multiple
affirmations asymptotically approaching ?Yes, I?m really quite certain I want
my face eaten by a rabid grue. Just let me look at this one web site first,
please.?
_______________________________________________
fossil-users mailing list
[email protected]
http://lists.fossil-scm.org:8080/cgi-bin/mailman/listinfo/fossil-users
_______________________________________________
fossil-users mailing list
[email protected]
http://lists.fossil-scm.org:8080/cgi-bin/mailman/listinfo/fossil-users
