This topic was archived here:

https://web.archive.org/web/20230000000000fw_/https://www.zenhax.com/viewtopic.php?t=3724

aluigi, posted Tue Jan 24, 2017 8:48 pm (20401)

---

If you are logging in the forum from an untrusted connection (free wifi, or a wifi not owned/controlled by you) then you may prefer to use the secure connection to the forum:
https://zenhax.com

Both HTTP and HTTPS remain available:

• If you are at your home: use HTTP (maybe faster) or HTTPS
• If HTTPS gives you problems: use HTTP
• If HTTPS doesn't work in a certain moment: temporary try HTTP
• If you are in an Internet Cafe or other public places: use HTTPS

aluigi, posted Sun Jan 29, 2017 4:03 pm (20495)

---

I would like your opinion about:

• leaving everything as is now, so it's up to the user to use the http or https website
• forcing the https website

What you would prefer and suggest?

Nowadays it's common practice to force https if available making impossible for an user to use the "old" unencrypted connection, but personally I think that leaving both would be better so the forum will be ever accessible in case of problems (old web browser or port 443 unreachable or problems on the https service).

atom0s, posted Sun Jan 29, 2017 7:43 pm (20515)

---

Leaving both should be fine, let the user choose what they want to use. Perhaps make mention somewhere easily seen that the site offers https as well in case people miss it or don't see these update threads.

aluigi, posted Mon Jan 30, 2017 11:08 am (20526)

---

Added a note in the "Site description" and set this topic as "Global"

lorak, posted Thu Feb 02, 2017 5:03 pm (20586)

---

I agree, keep both options.

coredevel, posted Sun Jan 07, 2018 2:53 pm (31361)

---

If SSL certificate expires, Firefox browser won't let you visit the website. I can't even visit that other site, xentax, right now, because they are too lazy to renew their SSL certificate. So, significant loss of web traffic if SSL certificate goes *poof*.

aluigi, posted Sun Jan 07, 2018 3:38 pm (31363)

---

That should not happen here on zenhax because certificates are automatically renewed.

aluigi, posted Fri Sep 14, 2018 5:29 pm (38358)

---

Now HTTPS is available on my website too: https://aluigi.altervista.org

HTTPS is useful only if you are going to download quickbms or other tools from untrusted connections (public wifi) and, exactly like on zenhax, both http and https are and will remain active without any "forced" https.

The only downside of enabling https is that it required to use cloudflare and consequently some parts of the website may not be 100% original, just small things like for example my email address on top of the page that is no longer visible without javascript ([email protected]).
Or maybe some files that are magically no longer available even if they are phisically on the server like http://aluigi.altervista.org/poc/chromerda.zip (mah?)

Anyway who cares, now https is there so you can use it if you need it.

https is available also on the https://aluigi.zenhax.com mirror but the certificate is the same of zenhax.com and the browser may annoy you.

atom0s, posted Sat Sep 15, 2018 12:18 am (38384)

---

Your file link for https://aluigi.altervista.org/poc/chromerda.zip returns a 403 (forbidden) code, so it looks to be a configuration issue on your server causing it to fail.

aluigi, posted Sat Sep 15, 2018 2:59 am (38386)

---

I removed and reuploaded the file and now it works correctly.
It was a mistery issue randomly found by mistake, it's perfectly possible that it gave the same error even before
Apparently cloudflare "hijacks" (in a non-negative sense) the html pages only.

mcpherson, posted Sat Sep 15, 2018 9:58 pm (38432)

---

aluigi wrote:

I would like your opinion about:

• leaving everything as is now, so it's up to the user to use the http or https website
• forcing the https website

What you would prefer and suggest?

Nowadays it's common practice to force https if available making impossible for an user to use the "old" unencrypted connection, but personally I think that leaving both would be better so the forum will be ever accessible in case of problems (old web browser or port 443 unreachable or problems on the https service).

i agreed with both of you thanks....

aluigi, posted Wed Oct 31, 2018 7:47 pm (40004)

---

Stupid Cloudflare.
Yeah if you see a "Warning: Suspected Phishing Site Ahead!" on my website, it's just that stupid Cloudflare that I was forced to enable for HTTPS.

Trying to find a solution now...

aluigi, posted Wed Oct 31, 2018 8:53 pm (40007)

---

Now everything is working.
Not sure if HTTPS will continue to work, currently it works if it will stop I will try other settings.

aluigi, posted Tue Dec 04, 2018 12:12 pm (40987)

---

I made a small restyling of my website for making it more mobile friendly and hopefully more readable too by switching from "table" (yes we are in the 90's!) to "div".

Don't be scared when you see it, it's a little change that was necessary after over 15 years

atom0s, posted Sun Aug 02, 2020 7:24 pm (57868)

---

Looks like the SSL cert. expired again.

aluigi, posted Sun Aug 02, 2020 9:23 pm (57872)

---

Yeah again.
I don't know why sometimes it gives this problem, the renewal it's all up to the host provider.
Luckily I noticed it just today while checking the feeds and they quickly fixed it.
It will happen again... that's sure.

atom0s, posted Mon Aug 03, 2020 2:32 am (57875)

---

aluigi wrote:

It will happen again... that's sure.

Haha, it happens, no worries.

atom0s, posted Sat Oct 31, 2020 7:32 pm (59876)

---

Quote:

It will happen again... that's sure.

Happening again now hehe.

atom0s, posted Sat Jan 30, 2021 10:14 am (61902)

---

Looks like it just expired again.

LolHacksRule, posted Wed May 19, 2021 3:45 pm (64139)

---

Dang expired yet again.

aluigi, posted Thu May 20, 2021 11:46 am (64153)

---

Yeah, but this time it was due to a "migration" done by the hoster (I didn't know anything).
Let's see if the problem will happen again with this new platform.