Announcement

Collapse
No announcement yet.

vBulletin 4.2.3 and HTTPS

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Paul M
    replied
    I was responding to the comment on it being "safer".
    Despite what they may think, Google do not actually rule the internet, not everyone cares that much about google 'signals'.
    For your average forum, using https isnt going to make a lot of difference to how safe it is - it can still be attacked, ddos'd, spammed or hacked, just the same.

    Leave a comment:


  • Carsafety
    replied
    Originally posted by Paul M View Post
    There is a lot of hype about https, and for confidential internet usage (like banking, online purchasing etc) its certainly far far better, but such sites have been using it for many years already. For your average forum, which is basically just public text and images - it isnt going to make much of a difference at all.
    I thought the same until recently discovering this new Google policy starting on January 1st. If it does apply to forums, since they accept password/login information, then it will make a difference. Worse, they claim in the link I provided that the change will eventually be applied to all http pages. Google has also said that https has already become a minor signal for search ranking algorithms but could become more important. If those changes are ever made, that will be a huge difference to every forum and just about every other kind of website, too.

    I already have my certificate setup. I'm going to wait until an offpeak time this weekend to change the admincp settings. I've found these things never go quite as planned for one reason or another. For example, even having a cert installed required tech support, since my server had been running Varnish which apparently prevented recognition of the certification. They had to change to nginx. No fault of vBulletin of course, but it seems like it's always something. One thing I've heard is that if members have used BBCode to insert external images, these will cause a mixed media security icon or warning and may or may not break the appearance of the forum. I assume the mixed media warning isn't as bad as the upcoming NOT SECURE warning, so not a big deal if it only applies to some threads, but if it breaks up the appearance that is an issue.

    Leave a comment:


  • jagtpf
    replied
    Originally posted by Paul M View Post

    I dont recall "describing myself" to you at all, but how you view my comments is entirely up to you, I'm fine with them.
    As far as Cloud goes, I rarely work on it, but assuming you mean allowing https, that's as much to cater for google & apple as anything else.

    There is a lot of hype about https, and for confidential internet usage (like banking, online purchasing etc) its certainly far far better, but such sites have been using it for many years already. For your average forum, which is basically just public text and images - it isnt going to make much of a difference at all.
    You are correct , you haven't " described yourself " as such to me - I ' just ' looked at your description below your Avatar & Name and made an assumption about your role .

    As to your comment about the " hype " around HTTPS , that is also something I cannot disagree with - there's claim and counter-claim that doesn't make any decision any the easier .

    Thank you for your time .

    Leave a comment:


  • Paul M
    replied
    Originally posted by jagtpf View Post

    You describe yourself as " Lead Developer vB.Com & vB.Org " - as such I find your comment disrespectful to me as a customer . vB should be at the forefront of helping users make their Forums as safe as possible - why else are you instigating a change within vB5 Cloud versions ?
    I dont recall "describing myself" to you at all, but how you view my comments is entirely up to you, I'm fine with them.
    As far as Cloud goes, I rarely work on it, but assuming you mean allowing https, that's as much to cater for google & apple as anything else.

    There is a lot of hype about https, and for confidential internet usage (like banking, online purchasing etc) its certainly far far better, but such sites have been using it for many years already. For your average forum, which is basically just public text and images - it isnt going to make much of a difference at all.

    Leave a comment:


  • jagtpf
    replied
    Originally posted by Mark.B View Post
    https simply requires the certificate to be installed, and then you change the admincp settings to reflect the new URL
    Thank you Mark - if only your colleague had been as helpful .

    Leave a comment:


  • jagtpf
    replied
    Originally posted by Carsafety View Post

    I am interested also, and also surprised by the lack of expert guides on this. Consider that vBulletin inherently requires login password information, and my impression is that this is a trigger for Google's NOT SECURE warning starting in January: https://security.googleblog.com/2016...ecure-web.html . Before then, I will purchase/install a cert and make the admin CP change and then see what else is broken I guess. If you find a reasonable guide, please link it!
    Cheers - possible like me , you've found the advise elsewhere less than fulsome .... I would have expected more from vB - even if it's just a tag-on to the Manual ?

    Leave a comment:


  • jagtpf
    replied
    Originally posted by Paul M View Post
    You asked a very specific question ;

    "Does anyone have a guide on how to set up HTTPS on a vB4 Forum".

    If no one has answered, that would indicate that no one does.
    You describe yourself as " Lead Developer vB.Com & vB.Org " - as such I find your comment disrespectful to me as a customer . vB should be at the forefront of helping users make their Forums as safe as possible - why else are you instigating a change within vB5 Cloud versions ?

    Leave a comment:


  • Mark.B
    replied
    https simply requires the certificate to be installed, and then you change the admincp settings to reflect the new URL

    Leave a comment:


  • Carsafety
    replied
    Originally posted by jagtpf View Post
    I'm surprised that no-one , not even staff , have bothered to respond to this post - If vBulletin cloud sites are / have been migrated to HTTPS , then surely it would be courteous to provide some guidance for those of us running under lower order versions of vBulletin ?

    Is it really as simple as purchasing / registering SSL certificate , and make the necessary changes in Site details in Admin panel ?
    I am interested also, and also surprised by the lack of expert guides on this. Consider that vBulletin inherently requires login password information, and my impression is that this is a trigger for Google's NOT SECURE warning starting in January: https://security.googleblog.com/2016...ecure-web.html . Before then, I will purchase/install a cert and make the admin CP change and then see what else is broken I guess. If you find a reasonable guide, please link it!

    Leave a comment:


  • Paul M
    replied
    You asked a very specific question ;

    "Does anyone have a guide on how to set up HTTPS on a vB4 Forum".

    If no one has answered, that would indicate that no one does.

    Leave a comment:


  • jagtpf
    replied
    I'm surprised that no-one , not even staff , have bothered to respond to this post - If vBulletin cloud sites are / have been migrated to HTTPS , then surely it would be courteous to provide some guidance for those of us running under lower order versions of vBulletin ?

    Is it really as simple as purchasing / registering SSL certificate , and make the necessary changes in Site details in Admin panel ?

    Leave a comment:


  • jagtpf
    started a topic vBulletin 4.2.3 and HTTPS

    vBulletin 4.2.3 and HTTPS

    Hi guys ,

    Does anyone have a guide on how to set up HTTPS on a vB4 Forum , especially pitfalls etc ...

    warmly

    Geoff

Related Topics

Collapse

Working...
X