- 14 Mar 2002
- 15,969
- 9,208
- 749
Dear valued Members,
as of today we will offer SSL-encrypted HTTPS connections to our users here on JREF. This is in response to Google's announcements that
What is SSL?
HTTPS is a secure version of the HTTP protocol — in fact, it's HTTP over SSL (Secure Socket Layer) or TLS as it should be called.
HTTPS uses very strong public-key cryptography to encrypt the connection between a client (often a web browser) and a server. No one but the server and the client can know what is being communicated. That requires an SSL certificate, which serves to verify the identity of the server via a certificate authority and provides the keys that are used to encrypt and sign data.
Providing the private part of the certificate remains private and there are no other hiccups in implementation, HTTPS is highly secure. Implemented properly, it's practically unhackable even if you're the NSA (probably).
Source
We have already (successfully) implemented SSL on our sister site and expect no major issues (fingers crossed). You might experience some funky website behaviour (non-loading CSS files, "mixed content" warnings, etc), but that should be of temporary nature. In case any glitches prevail, post them to this thread if possible.
Thank you!
as of today we will offer SSL-encrypted HTTPS connections to our users here on JREF. This is in response to Google's announcements that
- serving sites over HTTPS will become a search engine ranking signal
- beginning in January 2017 pages that collect passwords will be marked as "Not Secure" in Chrome 56 unless the pages are served over HTTPS
What is SSL?
HTTPS is a secure version of the HTTP protocol — in fact, it's HTTP over SSL (Secure Socket Layer) or TLS as it should be called.
HTTPS uses very strong public-key cryptography to encrypt the connection between a client (often a web browser) and a server. No one but the server and the client can know what is being communicated. That requires an SSL certificate, which serves to verify the identity of the server via a certificate authority and provides the keys that are used to encrypt and sign data.
Providing the private part of the certificate remains private and there are no other hiccups in implementation, HTTPS is highly secure. Implemented properly, it's practically unhackable even if you're the NSA (probably).
Source
We have already (successfully) implemented SSL on our sister site and expect no major issues (fingers crossed). You might experience some funky website behaviour (non-loading CSS files, "mixed content" warnings, etc), but that should be of temporary nature. In case any glitches prevail, post them to this thread if possible.
Thank you!