SSL (HTTPS)

[Victoria Bampton]

We've moved to an SSL connection for your peace of mind. Please let me know if you run into any issues. Thanks!

 

[Linwood Ferguson]

Curiosity question: How are you handling embedded links which are non-SSL. Going to embed a small one to see.

Postscript: Yeah, this is giving a mixed content message. Now the good news is many browsers no longer actually tell people (well, bad news if you believe in security). It seems we are in a period when "they" decided that web sites break this rule so often that it should be considered normal, but it is really is not normal and presents a security risk for content modification. I do not suggest it is an big deal for this site as a security risk -- but allowing mixed content may cause this site to get blocked if the pendulum swings the other way and vendors start blocking it again.

 

[Victoria Bampton]

It's using proxy images Ferguson. Fortunately the Xenforo developers seem to know what they're doing far better than I do!

 

[Linwood Ferguson]

That's fascinating. When I first put it in, I confirmed it tried loading the image directly and got a mixed content message. Now it's loading through the proxy as you mention, which removes the error. I wonder why it didn't on the first go, but won't clutter the topic with more experimentation, since it appears to work.

Now just make the flash player warnings go away.

 

[clee01l]

Now just make the flash player warnings go away.

 

[Victoria Bampton]

Flash player warnings?

 

[Linwood Ferguson]

There's flash on the page somewhere. I keep flash disabled for security reasons unless I really need it, and things seem to work OK, but apparently flash is used here somehow.

Flash needs to die. It's way past its time.

 

[tspear]

Flash player warnings?

The developers are using swupload, a fairly common but older tool to handle file uploads. With more modern browsers, the need to have the upload process in Flash has largely become OBE; and some people consider it a security risk. I also have Flash disabled and selectively allow scripts (NoScript plugin).

 

[Cerianthus]

Sorry to hear about the website mishaps.

By any chance, did you do anything in the forum that influences Tapatalk, or is that one just misbehaving on its own? (Can't login)

 

[Paul B]

We've moved to an SSL connection ...

That's good news. Is this being extended to the lightroomqueen.com domain?

 

[Victoria Bampton]

That's good news. Is this being extended to the lightroomqueen.com domain?

It is Paul. Working on it right now.

 

[Paul B]

... Working on it right now.

No kiddin' ... certificate installed!

 

[Victoria Bampton]

And I've just put a blog post up explaining everything that's changing.