Posts: 5,817
Thanks: 113163 in 126 Posts
39 Achievements
View My Journal
Quote: Originally posted by JohanFoppa
Now all you need to do is add https to the site so that we can get rid of the "Not secure" warning in the address bar 😄
|
Converting a site this size to https is not actually a small task. Don't forget, every link in every post on every page needs to be https as well, that or offload the content to a proxy
Blocking insecure resources
A simple and straightforward way to make forums work properly under HTTPS is blocking all elements pointed to using http:// – simply make sure to Filter non-HTTPS images and Block non-HTTPS avatars etc You can notify your forum’s users that images and videos will be displayed if they provide https:// URLs.
Proxying insecure resources
It’s possible to keep displaying all content securely, regardless of the protocol used with a resource proxy. Instead of pointing browsers to original URLs (that the forum users provide), the content can be served from an own server that first fetches it from the original server and then forwards it to the end user – always over HTTPS.
This will require a resource proxy script, best if running on a server other than the forum’s (you will need a VPS or a dedicated server).