Force HTTPS

2 replies [Last post]
Lyberta
Lyberta's picture
User offline. Last seen 4 years 14 weeks ago. Offline
Joined: 2016-09-10
Posts: 177

I've noticed that you use Let's Encrypt but the whole site is available via HTTP and search engines list HTTP version. I've found about HTTPS version by manually typing it. I suggest forcing users to use HTTPS as HTTP is horribly insecure.

Here's the .htaccess for Apache:

RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}

Firework
User offline. Last seen 5 years 51 weeks ago. Offline
Joined: 2013-01-11
Posts: 34

I would also like to see HTTPS used on the Hedgewars web site. Web browsers indicate much more prominently now when a web page is accessed unsecurely with HTTP. When I log into the Hedgewars web site, Firefox shows me this message:

"The connection is not secure. Logins entered here could be compromised."

Wuzzy
Wuzzy's picture
User offline. Last seen 28 weeks 1 day ago. Offline
Joined: 2012-06-20
Posts: 1304

I agree.

Hi, I am a Hedgewars developer. Smile

User login

Copyright © 2004-2024 Hedgewars Project. All rights reserved. [ contact ]