[Website] SSL and Security Improvements - Printable Version +- Hazeron Forums (https://hazeron.com/mybb) +-- Forum: Shores of Hazeron (https://hazeron.com/mybb/forumdisplay.php?fid=1) +--- Forum: Bug Reports (https://hazeron.com/mybb/forumdisplay.php?fid=17) +---- Forum: Prerelease Bug Reports (https://hazeron.com/mybb/forumdisplay.php?fid=21) +---- Thread: [Website] SSL and Security Improvements (/showthread.php?tid=2097) Pages:
1
2
|
RE: [Website] SSL and Security Improvements - AnrDaemon - 01-19-2020 (01-12-2020, 11:12 PM)Seathre Wrote: He really should pick one and have the rest permanent redirect to the primary domain.Not really, if these domains are used for different purposes. RE: [Website] SSL and Security Improvements - Seathre - 01-20-2020 (01-19-2020, 04:26 PM)AnrDaemon Wrote:Are you implying that they are in fact used for different purposes? And would those purposes make for SSL implementation to be unfitting, or even a hindrance??(01-12-2020, 11:12 PM)Seathre Wrote: He really should pick one and have the rest permanent redirect to the primary domain.Not really, if these domains are used for different purposes. RE: [Website] SSL and Security Improvements - AnrDaemon - 01-25-2020 (01-20-2020, 03:18 AM)Seathre Wrote: Are you implying that they are in fact used for different purposes?hazeron.com and softwareengineering.com ? Indeed. Quote:And would those purposes make for SSL implementation to be unfitting, or even a hindrance??wat RE: [Website] SSL and Security Improvements - Seathre - 01-25-2020 Hazeron.com, Hazeron.net and ShoresOfHazeron.com are all functioning in the same way, such that Apache is being told to treat them all as individual domains with the same root directory on the host machine. Then there is ShoresOfHazeron.net, which just gives a 404 page. Having these domains acting independently of each other causes issues. From a brief examination, any forms on the website direct you back to hazeron.com. Most links are relative, but there's a few absolute paths with hazeron.com. Instead of this mess of domain names that operate independently, it would be highly advisable to setup permanent redirects to hazeron.com, which seems safe to say is the preferred domain of Haxus. After that's taken care of, it takes but a couple more minutes to enable HTTPS and get a SSL certificate. It isn't difficult, it just hasn't been on Haxus's radar. However, if he continues operating his services insecurely, it's just a matter of time before some nefarious individual gains access to something they shouldn't and steals something, whether it be money or data. In fact whose to say this hasn't happened already? Things have been this way for years and years. Would Haxus even disclose this sort of incident if it were to happen? I'm going on a tangent here, but I want to reiterate that my chief concern here is the security of mine and everyone else's information, and the continued operation of this game. Keeping software up to date and using industry best practices for encryption and transmission of data is not too much to ask, especially when money is involved. |