The Archive says they can, but I've asked WR for the files she had
trouble with and they'll try them out. To be sure, there wasn't a huge
amount of testing that took place, so glitches are not unsurprising.
kc
On 11/9/13 3:13 PM, Wilhelmina Randtke wrote:
I don't think Internet Archive will view https sites. Internet Archive
just a few weeks ago added the option to let you add a page while browsing,
and I have been unable to add https pages when I submit them.
-Wilhelmina Randtke
On Sat, Nov 9, 2013 at 2:09 PM, Ranti Junus <[email protected]> wrote:
Hi All,
If code4lb.org switched to HTTPS by default, can their content still be
archived by the Internet Archive?
thanks,
ranti.
On Thu, Nov 7, 2013 at 1:16 PM, Ordway, Ryan <[email protected]
wrote:
The simplest solution would be to modify the settings.php to start
pushing
everything over HTTPS once someone has hit an HTTPS URL. The current
code4lib server has been here at OSU longer than I have (and I've been
here
for 8+ years), and it's at MOST running at about 25% CPU capacity.
Pushing
everything over HTTPS is probably fine too.
As for additional administrative overhead, if someone else wants to
manage
the certificate procurement and renewal, it takes me about 5 minutes
every
year to put a new certificate in place and then restart Apache once I
have
a certificate file.
On Wed, Nov 6, 2013 at 8:34 PM, Chad Fennell <[email protected]> wrote:
On Wed, Nov 6, 2013 at 8:49 PM, Ross Singer <[email protected]>
wrote:
I guess I just don't see why http and https can't coexist.
They can definitely coexist, but there is a corresponding maintenance
cost
and a slightly higher risk profile (e.g. session hijacking is still
possible in a variety of mixed http/https configurations). I noticed a
a
pretty good, if a bit dated, run-down of the tradeoffs for various
secure
setups in Drupal
http://drupalscout.com/knowledge-base/drupal-and-ssl-multiple-recipes-possible-solutions-https
.
Even if the solutions have somewhat changed, it does get at the idea of
what some of the tradeoffs are between security, usability and
maintenance.
Just today, I noticed a security alert (
https://drupal.org/node/2129381)
for the Drupal 6 Secure Pages module where theoretically secured pages
and
forms could be transmitted in the clear. This is the module you'd most
likely use to achieve a mixed http/https site in Drupal.
I have personally tended to just put everything behind https because of
the
added work/modules/maintenance associated to running it along side of
http
(in Drupal, specifically), but I am a lazy person with access to free
certs
and ferncer servers.
HTH
--
Chad Fennell
Web Developer
University of Minnesota Libraries
(612) 626-4186
--
Bulk mail. Postage paid.
--
Karen Coyle
[email protected] http://kcoyle.net
m: 1-510-435-8234
skype: kcoylenet
