BotB Now Has HTTPS
BotB Academy Bulletins
Level 27 Hostist
Not everything has switched over completely, but we're at least at 95% done getting all site URLs updated. The original http should still be working for people who don't want https for whatever reason. Please post any breakage you find here and I'll get it fixed.
Level 27 Renderist
post #101055 :: 2018.06.21 12:45pm :: edit 2018.06.21 12:46pm
  sleeparrow liēkd this
thank you. is this adding toward cost?
Level 27 Hostist
post #101056 :: 2018.06.21 12:53pm :: edit 2018.06.21 1:45pm
  petet, Savestate and kleeder liēkd this
Nope. I was digging through dreamhost's control panel trying to find info about the lag we've been experiencing and saw `https` as an option. There was a payable version and two free versions. I'm in a holding pattern at work so I thought I'd give it a go!
Level 24 Chipist
post #101059 :: 2018.06.21 2:12pm
wow, the site is noticeably faster now! is this why?
Level 27 Hostist
post #101063 :: 2018.06.21 3:02pm
i honestly have no idea :shrug:
Level 27 Renderist
post #101087 :: 2018.06.22 6:27am :: edit 2018.06.22 6:51am
  anewuser liēkd this
gotta find a way to add https to links. when you travel around the site, it defaults to http links from https. kthx.

funny thing is that i'm even using HTTPS Everywhere

edit: really strange. seems like some sections of botb will give http links and some will give https; and it doesn't really make a pattern as to which.

sometimes when you visit an https link the images won't be linked with https.
Level 27 Hostist
post #101094 :: 2018.06.22 11:13am
  anewuser liēkd this
Can you give me specific examples?

The only http inside https for images I know of right now are the sprite characters that count ohb trophies on profile pages.
Level 26 Chipist
post #101095 :: 2018.06.22 11:22am
don't know how sites like google, yahoo, youtube and bing are handling https, but they are still able to load on older browsers.
Level 23 Mixist
post #101096 :: 2018.06.22 12:25pm :: edit 2018.06.22 12:45pm
is there a way to use a CA that browsers trust?

even if you get https to work correctly everywhere, i'd assume people would think the self signed "unsafe" certificate would give off the impression that it still doesn't work.

but i guess letsencrypt (or the likes) hasn't been chosen for a good reason. so maybe nvm this.

edit: maybe this was due to my own cache. or me being on crack or w/e. suddenly seems to be no issues anymore (and the cert is trusted)
Level 27 Renderist
post #101097 :: 2018.06.22 12:30pm :: edit 2018.06.22 9:31pm
Things seem to change time to time. Assume that I'm always using HTTPS.


- "Recent Activity..." links from homepage
- "Bulletins, News, and Development..." from the homepage.
- User surveillance links from Admin page.
- "Help" link at bottom of page.
- Certain BotB links in the Lyceum, "Glossary"

That's a start for now.
Level 27 Hostist
post #101103 :: 2018.06.22 2:02pm
Thanks. I'll try to knock those out today.
Level 17 Chipist
post #101105 :: 2018.06.22 3:22pm
HTTPS :ZUNgasm: :ZUN_nut:
Level 27 Hostist
post #101121 :: 2018.06.23 12:22am :: edit 2018.06.23 3:41pm
  Savestate, anewuser, b00daw and zygrunt liēkd this
These things fixed --

thread links on homebunk
creative commons links/images
`help` link in footer
lyceum glossary article links
botbr profile trophy case links
sprite text counters for ohb tropiez
user surveillance links from Admin page

Pretty sure the above cover all cached templates. The goal is to make sure links don't accidentally flipflop botbrs between unsecure and secure browsing. Possible to force a redirect from http to https in the future.
Level 27 Renderist
post #102261 :: 2018.07.21 2:51am :: edit 2018.07.21 2:51am
  petet, anewuser, MiDoRi and Savestate liēkd this
using google search within BotB results in non-HTTPS results within Google.
Level 14 Mixist
post #102352 :: 2018.07.23 1:49pm
  Producer-san, Savestate, kleeder, MiDoRi and Slimeball liēkd this
was waiting for the day public toilets would be safe
Level 27 Hostist
post #102370 :: 2018.07.24 7:36am
So I added `https` to the search query if you're on https, but seems like google don't give a shit.

Level 27 Renderist
post #102373 :: 2018.07.24 9:42am
  djmaximum hæitd this
  Savestate liēkd this
right, i think google hasn't propagated any search resluts from using HTTPS. that seems the case.

does this help?

could you force the server to redirect to HTTPS? that way the bots scrape HTTPS
Level 27 Hostist
post #102374 :: 2018.07.24 9:46am
  Savestate liēkd this
yeah -- that would be the final step

just curious if for any reason there are people who can't use https
Level 26 Chipist
post #102376 :: 2018.07.24 11:18am :: edit 2018.07.24 11:29am
  Slimeball liēkd this
Safari 5 will not let me use the https version of the site, so I'll still use the http version.
Level 27 Renderist
post #102429 :: 2018.07.26 4:31pm :: edit 2018.07.26 4:54pm
  djmaximum and Slimeball hæitd this
  kleeder liēkd this
pukey pukes: move forward with HTTPS. people (and djmax) will need to adapt.

most of us are able to connect using HTTPS. there are ways around things. HTTPS benefits everyone. it's more secure and keeps nefarious shit mostly away for you client-side on your activities. instead of you complaining about why something good (objectively) is being implemented and why your current format does not support it, this is a calling to you to assure it's supported for you and your platform. there should be many ways for it to be available for you.

this isn't some corporate rhetoric where a for-profit company is telling you to accept something for their will of gain. honestly, i think puke just decided to accept something because he thinks it would help against bots and shit. (don't think we really know if it will or not. however, the potential is there against mitm attacks.)

i know you're borderline half-troll and pure-autist. and i don't blame you for it. keep growing. and again... keep growing (djmax.)


we need to do this for a while so that google propagates HTTPS search results. otherwise it maintains HTTP only. or someone can help puke program a non-Googlespiderbot search system... however that also kills our resources... So no... HTTPS is the best way.
Level 26 Chipist
post #102438 :: 2018.07.26 5:14pm
  RazerBlue6 and kleeder hæitd this
No pleas don't I'm not ready for it yet
Level 27 Renderist
post #102439 :: 2018.07.26 5:19pm
  anewuser liēkd this
the sooner we migrate the quicker you'll find ways of it being available to you. you already found your issue of being able to join IRC solved.
Level 27 Chipist
post #102440 :: 2018.07.26 5:34pm
could someone host a https? does sanyone has the badge already? :(
Level 26 Chipist
post #102442 :: 2018.07.26 5:37pm :: edit 2018.07.26 5:39pm
  RazerBlue6 hæitd this
I'm not ready to use Mozilla FireFox yet. I'm too scared to host an ohb with that browser because it will crash if I try to host one with FireFox 48.0.2 instead of Safari 5.1.10, and that is the reason why I refuse to switch over to https.
Level 27 Chipist
post #102564 :: 2018.08.02 3:16am
i'm using https but some of my alerts are still linking to non-https
Level 27 Hostist
post #102575 :: 2018.08.02 2:02pm
  kleeder liēkd this
hmmm... alerts and the links in tweets could be changed to https only... but uh.... maybe?

LOGIN or REGISTER to add your own comments!