It's Time Techweez

tls
ssl
techweez

#1

Hey Techweez, it’s time you installed TLS protocols on this website. As a tech site, lead by example (though others have already done that) :grin::grin::grin: This is serious though. Most of the other Kenyan tech sites have some form of security protocols. Je nyinyi?
Capture


#2

Yes they should. It’s trivially easy to do and free these days. Personally I recommend Let’s Encrypt.


#3

maze,its about damn time they secure this forum…


#4

I have been on cloudflare for free on 3 websites for almost 1 year now.


#5

I join u in this push it’s time techweez, secure your sites in 2018 it’s a shame we still talking basic security like encryption and site security take our data and security seriously CC @martingicheru


#6

Agreed. It’s about time. It’s getting awkward recommending Techweez as a leading tech site then peoples browsers telling them it’s ‘not secure’


#7

By the time this thread started I’d already purchased and set up SSL. What’s pending is SSL for the forum because its a more technical process without cPanel. But it’s WIP.


#8

Hat tip for the quick response time.

Don’t forget to setup a HTTP 301 to automatically upgrade users to HTTPS.


#9

:thinking: am not that good in comp science, can someone explain why its showing https in @martingicheru side but not ours?

ama ni hii?


#10

Yes exactly.

Their configuration needs some tweaking.


#11

Nimerust kidogo, when I need to get things done I actually start learning them afresh, even setting up SSL I was using How-tos. The devs hapa who can get me assisted have been out of the office for the last few days.


#12

Learning by practice can be very rewarding. Go for it!


#13

This is how I survived campus. I had (still have) so many interests and not enough resources to complete them all in the set time, so decided to practice what interested me and learn as I encountered obstacles.


#14

This is what I see on my end, so we see these changes slowly I guess.

image


#15

Firefox and Chrome are throwing errors on my end.

A quick look around shows that a banner is being served by default on HTTP. A HTTP 301 redirect should solve that problem.


#16

Chrome asked me to clear cookies and it loaded https. But says “not fully secure.” I googled that :smile: and saw its cuz of mixed content (http na https). I guess by the time @martingicheru is done it will be fine.
Capture


#17

For now tutangoja. Then next I figure out the forum too.


#18

Martin, Just Use “Really Simple SSL” Plugin. All the Techweez’s problems shall be sent to the cross of the Lord.


#19

I was half hoping we start sharing dev hacks on here. This is a good start. Let me see what it can get me.


#20

By the way I can confirm that all of the back end including the login page have the padlock. We are only addressing the front end.