https://cpdl.org

Forum for all users to discuss the implementation and operation of the ChoralWiki at CPDL
AlexMyltsev
Posts: 3
Joined: 04 Jul 2013 09:33

https://cpdl.org

Postby AlexMyltsev » 24 Jun 2016 13:47

Hi,

it seems that CPDL does not support HTTPS, even for the contributor wiki. An Apache webserver is listening on cpdl.org:443, but it just serves an error page. So contributors send their passwords over HTTP, like in 2005. It pains me to see this :-).

It should be pretty easy to get a free TLS certificate from letsencrypt.org and use it on cpdl.org, even if only for the contributor wiki. This should not take the administrator more than 20 minutes, and I'd volunteer to assist in the process (I have configured nginx to do this a number of times, it is straightforward).

We don't have to redirect people from HTTP to HTTPS at first, for fear of increased server load; the HTTPS option will just be there for the few security-sensitive contributors :-). Later, if the server load is acceptable, the login links can be changed to let everyone be more secure.

vaarky
Moderator
Posts: 1928
Joined: 22 Aug 2008 07:28

Re: https://cpdl.org

Postby vaarky » 06 Nov 2017 18:51

We're very sorry we overlooked replying on this. We have been and are continuing to work on this.


Return to “Operation and Implementation issues”

Who is online

Users browsing this forum: No registered users and 1 guest