#21
|
|||||
|
|||||
Quote:
There's lots of password managers out there. You need to make sure whichever you go with is secure. If it becomes compromised then they have everything. After looking into several, Lastpass was the one I settled on. |
#22
|
||||
|
||||
Wow, I can't believe the contrast in staff response between here and Reef Central to my question. Myka and Titus, you guys have gained a ton of respect in my books.
Charles
__________________
Where did my rum go?! Success in this hobby does not count how you spend your money, it counts how you spend your time. |
#23
|
|||||
|
|||||
oh interesting. I didn't realize Canreef had been running this long without HTTPS enabled.
Without HTTPS, our login ids and passwords and everything else are sent to the webserver in plain text for anyone between the network endpoints to read with a packet sniffer. Of course, the users most at risk are the ones that use the same id/email and passwords on other websites. That's how many people get hacked. There are free certificates now such as letsencrypt. I haven't personally used them myself but it looks popular. Taking a quick scan at some aquarium forums, reef2reef, reefcentral, bcaquaria, plantedtank, etc are all using HTTPS. Last edited by Samw; 01-05-2023 at 06:06 AM. |
#24
|
|||||
|
|||||
Hello
The plan is to migrate to Discourse and a lot of code was written to automate generation and rotation using Let's Encrypt, and no I'm not using certbot but written our own custom one. The UAT version was deployed on https://uat.canreef.com. You can see the cert expired on 20 Nov 2022. That's not the issue but the following. My original plan was to have the following: https://www.canreef.com/discussion for the discussion forums https://www.canreef.com/<other stuff> for other stuff And so I setup an NGINX reverse proxy to do this but there were some issues with Discuss supporting this. That was back in Oct and then I ran into a rabbit hole and then stopped. I could have gone with the following: https://www.canreef.com for discussion forum https://other.canreef.com for other stuff However doing it this way means we need different DNS alias entries for each incremental feature I want to add. It is not insurmountable as I setup our own DNS server with code as well but it's extra step and I really didn't like the idea of how the DNS look. Given how far we have gotten I'd rather just finish the work proper. Titus
__________________
A link to http://www.yahoo.com |
Thread Tools | |
Display Modes | |
|
|