Maybe on a security note: Would it be feasible to make an SSL connection (https) mandatory when connecting to the forums? Or at least after logging in to the forums.
We are waiting an SSL cert from letsencrypt
Superb that you will be using letsencrypt. See LinkedIn discussion I started in Linux Experts group: https://www.linkedin.com/grp/post/49301-6049582757699469314
(need to be member of the group)
We’re not using SSL on this site because discoursehosting, our hosting provider, ask price a bit high (twice the current) just to set up a custom SSL certificate.
Discourse is not quite using LE yet, but it’s in the works, I hope in the next upgrade
@alefattorini, Any update on the certificate options with discourse hosting?
They’re still working on it
Bumping this discussion.
Would it be a good idea to automagically redirect to https if a request is done to http? Especially for log-in pages, but preferably for all pages on *.nethserver.org domain(s) (and remove all http content if you are busy with it)
We weren’t able to do that so far due to discoursehosting restrictions.
Now I discovered that they have added SSL support to our profile. Now SSL it’s forced here