Loading... |
Reply to author |
Edit post |
Move post |
Delete this post |
Delete this post and replies |
Change post date |
Print post |
Permalink |
Raw mail |
2 posts
|
I love this forum and dont want to leave Nabble but I need SSL/HTTPS on my domain. How do I get nabble to work properly this way?
It must all be HTTPS so that the padlock is green and trusted. Regards |
Loading... |
Reply to author |
Edit post |
Move post |
Delete this post |
Delete this post and replies |
Change post date |
Print post |
Permalink |
Raw mail |
4198 posts
|
We don't have an easy solution for this problem. We would have to install a certificate on our end and this isn't simple because each Nabble forum has its own domain name. We won't support this in the near future. May I ask you why you need this?
|
Loading... |
Reply to author |
Edit post |
Move post |
Delete this post |
Delete this post and replies |
Change post date |
Print post |
Permalink |
Raw mail |
2 posts
|
That is a great shame, I think I will have to migrate in that case. People feel far more comfortable with a little padlock in the corner showing HTTPS, in addition it looks more professional and so if it is a forum for a business it adds a higher implied level of professionalism for that company in comparison to those without SSL.
|
Loading... |
Reply to author |
Edit post |
Move post |
Delete this post |
Delete this post and replies |
Change post date |
Print post |
Permalink |
Raw mail |
495 posts
|
In reply to this post by Hugo <Nabble>
Hugo,
I would like Nabble to revisit adding SSL/https support - even if it's something like paying Nabble to install a security certificate that we have purchased elsewhere. As you are aware, Firefox has recently updated their browser to warn users when they click on the password field that they're logging into a site that is insecure. The future of the web is that more and more browsers are adding these warnings and may eventually not even serve pages at all that are not secure. Quote from https://www.thesslstore.com/blog/firefox-chrome-warning-about-insecure-login-pages/ You asked, why a secure site is needed for a forum without sensitive data? This is why... I run a membership site of which my Nabble forum is a portion of. I need to have a secure site to process payments for those memberships. My site is a WordPress site and while my payment pages are secure and payment data is stored on a secure site, with the recent changes (warnings) to Firefox, my members are asking about whether it's safe to login to my site. I know it is, I know that payment & personal information is stored offsite, but they don't. Being able to secure my site with SSL gives my members the sense of security (and even more so professionalism) that they expect. The discussion regarding SSL and the recent change of Nabble to remove all ads has me wondering about the future of Nabble. For a service to remain successful, there needs to be a revenue stream. So how is Nabble recouping the loss of advertising revenue to remain a viable service? I like (ahem - Love?) Nabble, it provides me with features that I've been unable to find elsewhere (specifically - full post content delivered via email and the ability to subscribe to specific sections of a forum and not others). I've been with Nabble for about 4 years and I do not wish to jump ship and move to another platform (and I'm not even sure there is another platform to move to that meets my requirements). But I also need to be realistic and ensure that this portion of the service I provide to members will continue to be here for the long haul. I would appreciate a response to this post and if I need to pay for support to receive a response, please let me know. Sincerely, Coleen
|
Loading... |
Reply to author |
Edit post |
Move post |
Delete this post |
Delete this post and replies |
Change post date |
Print post |
Permalink |
Raw mail |
4198 posts
|
The SSL/https implementation is really hard and we don't see an easy way of implementing it at this point. I will give it more thoughts, but we can't promise anything for the future.
We have another business that can pay for the Nabble expenses. We all know that ads are annoying, so we have decided to disable them. |
Loading... |
Reply to author |
Edit post |
Move post |
Delete this post |
Delete this post and replies |
Change post date |
Print post |
Permalink |
Raw mail |
495 posts
|
Hugo,
Thanks for the response. In working with my server support folks last night, it "appears" that things would work if you just installed a SSL certificate on your server for our sub domain name (as all the URLs resolve to that address). However, since we don't control the forum.sudsol.org sub domain (I'm assuming you do - it resolves to IP address 162.253.133.81) we can't even get a certificate for it. If we paid for a month of support would you be willing to get a free certificate (https://ssl.comodo.com/ has a free 90 day certificate for testing) and just install it on your site? This would be a good test to see if this approach would work for those forums that are using a custom domain name for Nabble and embedding their site on their page. Let me know. Thanks, Coleen |
Loading... |
Reply to author |
Edit post |
Move post |
Delete this post |
Delete this post and replies |
Change post date |
Print post |
Permalink |
Raw mail |
4198 posts
|
It is not that simple (unfortunately). The HTTPS protocol runs on port 443 and we don't have this setup on our servers (Nabble has lots of custom code and that would require changes). Also, the forum code would have to detect if the certificate is available and always pick the right protocol (HTTPS or HTTP). These changes are not simple and we can't work on that at this point. |
Loading... |
Reply to author |
Edit post |
Move post |
Delete this post |
Delete this post and replies |
Change post date |
Print post |
Permalink |
Raw mail |
4 posts
|
Are there any "long term plans" to provide a solution (or workaround) for that? Dennis (sorry hugo, missclicked, didn't want to send you a PM) |
Loading... |
Reply to author |
Edit post |
Move post |
Delete this post |
Delete this post and replies |
Change post date |
Print post |
Permalink |
Raw mail |
4198 posts
|
Unfortunately, no. |
Loading... |
Reply to author |
Edit post |
Move post |
Delete this post |
Delete this post and replies |
Change post date |
Print post |
Permalink |
Raw mail |
4 posts
|
Unfortunately, for now, we'll have to have no security on our website for this to work. I hope that in the future you'll be able to provide security. It's very important for some websites (probably mine included since it's a member site).
|
Free forum by Nabble | Edit this page |