09-20-2019, 07:58 PM(This post was last modified: 09-20-2019, 11:31 PM by esilverm.)
What’s up SHL! As you may or may not know, I am the new co-Server Manager alongside @DrunkenTeddy. Recently we have been discussing switching the site over to SSL. This change would make for a more secure sim league experience. However, before we do this, we want to make sure the switch won’t be a problem for anybody using the site. This means that we are looking for people who are willing to test out switching to HTTPS for us.
You may be asking yourself:
How do I do this?
To switch over to https, click this link: https://simulationhockey.com. It is that easy! Play around with the site however long you’d like and please fill out this google form so we can be sure the site is ready for this change. https://forms.gle/8MTo6ZC72bkJjvHc7
Do I get anything for doing this?
In return for this you get a sense of pride and accomplishment.
09-22-2019, 01:25 AMgoldenglutes Wrote: What's up with this (on firefox)?
EDIT: seems to only be on thread pages, it looks like it's from the images for smilies like are being hosted on the non-HTTPS site
Also, on the banking page, when you click on "Your bank account", it links to the non-HTTPS version of the page.
Also, after you edit a post, it spits you back out to the non-HTTPS version of the thread.
This is great, thanks for listening to the vocal minority who cares about this stuff!
Thanks for testing! The Firefox message you are getting is due to mixed media that is included on the page. Having mixed media as a problem is a lot better than having the whole site unsecured. Unfortunately it may be really hard to get rid of the message since many sigs include off-site images and everybody would have to switch their sig/avatar links to https for the site to show up as fully secured.
As for banking and editing posts, that is just how the buttons or links are currently listed as. Once we switch to SSL if you get sent to the HTTP site you will be automatically redirected to HTTPS so these problems are very minor and only occur with our current setup.
When we switch over to https we will be modifying the site to use it as default and links to smilies, banking, and other pages should go to https rather than http. So some of the mixed content warnings will go away. Unfortunately that doesn't affect off-site hosted avatars and signatures, which we can't fully control. That being said I believe we'd prefer mixed content warnings over insecure warnings.