I use "https everywhere" in my browser, and I never had a problem with the HPR site. I don't see that it is an issue. Yes, someone could do a Man In The Middle attack to someone using the http site, but that is really on the person using a non-encrypted connection in my view. And I'm not sure why anyone would bother. I have no login credentials to HPR that anyone could steal, and it is not exactly a secret that I listen to and contribute to HPR. I personally have a security cert on my sites because Google will downgrade them in search results if I don't.
Regards, -- Kevin B. O'Brien zwil...@zwilnik.com http://google.me/+kevinobrien http://www.google.com/profiles/Ahuka5656 http://about.me/zwilnik “People shouldn't be afraid of their government. Governments should be afraid of their people.” - Alan Moore, V for Vendetta On Wed, Dec 15, 2021 at 4:22 AM <k...@fallon.ie> wrote: > > > Admins, > > > > Ever considered using an LE cert for https for the website and putting a > > redirect in place > > to avoid browser security warnings? > > > > Cheers, Chris > > -- > > This email account is monitored seven days a week. > > > > _______________________________________________ > > Hpr mailing list > > Hpr@hackerpublicradio.org > > http://hackerpublicradio.org/mailman/listinfo/hpr_hackerpublicradio.org > > > > We already have a https version of the site https://hackerpublicradio.org > > Issued For hackerpublicradio.org > Issued By cPanel, Inc., US ( cPanel, Inc. Certification Authority ) > Signature Algorithm RSA-SHA256 > > If there is anyone browsing the https site and is getting unencrypted > content back that should be fixed. Please ping me and I'll look into it. > > As far as discussing an automatic redirect from http to https, I would > like to be convinced of the need to do this. Everything on HPR is public > and open, so why should it be redirected to the encrypted version ? > > My personal (hpr host - not admin/janitor) mood on the topic is swaying > between it allows people to be browsing the site more privately, to > getting annoyed that this is been forced on everyone. So I for one would > not be in favour of forcing people from http to https automatically. We > already have a https site. If people want to use it then they may. If they > don't then they don't have to. > > What am I missing in the discussions ? > > -- > Regards, > > Ken Fallon (PA7KEN,G5KEN) > https://kenfallon.com > https://hackerpublicradio.org/hosts/ken_fallon > > > > > _______________________________________________ > Hpr mailing list > Hpr@hackerpublicradio.org > http://hackerpublicradio.org/mailman/listinfo/hpr_hackerpublicradio.org _______________________________________________ Hpr mailing list Hpr@hackerpublicradio.org http://hackerpublicradio.org/mailman/listinfo/hpr_hackerpublicradio.org
