Forum » General » Hedgewars Website discussion

Force HTTPS

2 replies [Last post]
Sat, 2016-09-10 16:34
Lyberta
Lyberta's picture
User offline. Last seen 4 years 16 weeks ago. Offline
Joined: 2016-09-10
Posts: 177

I've noticed that you use Let's Encrypt but the whole site is available via HTTP and search engines list HTTP version. I've found about HTTPS version by manually typing it. I suggest forcing users to use HTTPS as HTTP is horribly insecure.

Here's the .htaccess for Apache:

RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}

My stuff

Top
Tue, 2017-04-11 16:15
#1
Firework
User offline. Last seen 6 years 4 days ago. Offline
Joined: 2013-01-11
Posts: 34

I would also like to see HTTPS used on the Hedgewars web site. Web browsers indicate much more prominently now when a web page is accessed unsecurely with HTTP. When I log into the Hedgewars web site, Firefox shows me this message:

"The connection is not secure. Logins entered here could be compromised."

Top
Mon, 2017-04-17 05:22
#2
Wuzzy
Wuzzy's picture
User offline. Last seen 29 weeks 3 days ago. Offline
Joined: 2012-06-20
Posts: 1304

I agree.

Hi, I am a Hedgewars developer. Smile

Top

User login

Copyright © 2004-2024 Hedgewars Project. All rights reserved. [ contact ]