Results 1 to 4 of 4

Thread: Force Forum traffic Over SSL

  1. #1

    Force Forum traffic Over SSL

    It's 2019 and things like Letsencrypt/Certbot make this dead simple (and free).

    https://letsencrypt.org/
    https://certbot.eff.org/

    Edit: I guess they didn't like my suggestions as I am now lost in the moderation hole. To whoever is moderating, the step-by-step instructions I posted here on how to accomplish this were for your benefit. Good luck all, I'm out.
    Last edited by another_registration; 03-30-2019 at 02:11 AM.

  2. #2
    Senior Member
    Join Date
    Aug 2012
    Posts
    232
    Yeah...I don't think anyone working for this company gives a shit about their users security unfortunately. Just another reason to not re-use passwords between sites.

    http://www.beyondpod.com/forum/showt...arked-Insecure
    http://www.beyondpod.com/forum/showt...TPS-encryption

  3. #3
    Quote Originally Posted by phalkon30 View Post
    Yeah...I don't think anyone working for this company gives a shit about their users security unfortunately. Just another reason to not re-use passwords between sites.

    http://www.beyondpod.com/forum/showt...arked-Insecure
    http://www.beyondpod.com/forum/showt...TPS-encryption
    I hadn't seen those. Reading the responses it sounds like whoever is managing the site doesn't have the expertise to do it.

    If anyone from BeyondPod should read this, this is all you need to do to get it up and running if you are on a linux box with Apache or Nginx (Note you need to run this as root or, if it's a sub account, one that has sudo privileges without password; IME root gives fewer errors on renewal):

    Using Ubuntu as an example, adapt to whatever flavor your server is running.

    Nginx
    Code:
    # add the repo and update
    sudo add-apt-repository ppa:certbot/certbot
    sudo apt-get update
    
    # install certbot
    sudo apt-get install python-certbot-nginx
    
    # configure the site with nginx flag
    sudo certbot --nginx -d www.beyondpod.com # you are forcing everything over www so no need to do it for the bare domain
    
    # when it asks if you want to redirect, I would suggest you do to force all traffic over SSL
    
    # make sure the installation was successful
    sudo certbot renew --dry-run
    Apache
    Code:
    # add the repo and update
    sudo add-apt-repository ppa:certbot/certbot
    sudo apt-get update
    
    # install certbot
    sudo apt-get install python-certbot-nginx
    
    # configure the site with apache flag
    sudo certbot --apache -d www.beyondpod.com # you are forcing everything over www so no need to do it for the bare domain
    
    # when it asks if you want to redirect, I would suggest you do to force all traffic over SSL
    
    # make sure the installation was successful
    sudo certbot renew --dry-run
    The above should work, but PM if you like and I can send you a quote to set this up (I develop webapps and manage deployment for my clients).

  4. #4
    Quote Originally Posted by phalkon30 View Post
    Yeah...I don't think anyone working for this company gives a shit about their users security unfortunately. Just another reason to not re-use passwords between sites.

    http://www.beyondpod.com/forum/showt...arked-Insecure
    http://www.beyondpod.com/forum/showt...TPS-encryption
    I posted step-by-step instructions on how to do this quite a while ago and it is still "in moderation" so it seems you are correct.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •