HTTPS

oligalma · April 3, 2015, 11:24pm

I noticed that the yiiframework website isn’t HTTPS. Does it mean that our login credentials could be hacked by someone?

samdark · April 4, 2015, 8:28pm

There’s such possibility if you’re in a cafe using public wifi w/o VPN.

oligalma · April 5, 2015, 12:45am

really? I think that the owners of this site should buy a SSL certificate. It’s only 50 euros per year.

Da_Sourcerer · April 6, 2015, 9:31am

It’s even free with StartSSL. I however suspect there’ll be problems with assets serverd by CDNs among other issues. Would still be cool if this could happen one day

samdark · April 6, 2015, 9:36am

Noted.

Da_Sourcerer · April 6, 2015, 9:40am

Ah, while we’re at it: There’s also the Let’s Encrypt initiative backed by Mozilla et al.

Keith · April 6, 2015, 10:50am

I agree, it would be good to have SSL for authentication pages.

Da_Sourcerer · April 27, 2015, 6:57pm

As this may be interesting to others as well: There is a SSL Config Generator serving as some sort of counter-piece to SSL-Labs’ Online Test.

Edit: And there’s cipherli.st