Hello, new here, thanks for the great space
I noticed a few mentions of enabling HTTPS (
Tilt Forums not working on latest Firefox for Windows , Tiltforums.com comes up as not secure ) but it appears it was never implemented. I just wanted to ask why that was and as a Software Engineer and System Admin offer assistance in any way (for this or anything else)
honestly it’s pretty egregious that it hasn’t been done by now… i know nobody is getting paid much if anything to maintain this site but secure login is like step one of setting up a website.
Ran a WHOIS check and saw that this is running in DigitalOcean. If they also manage the domain name, it should be pretty simple to enable a Let’s Encrypt cert.
Some DigitalOcean services, like load balancer SSL termination and custom Spaces CDN endpoints, require SSL certificates. You can upload or create certificates during setup of the features that need them. You can also upload, create, and remove...
As another sidenote, I recommend as a general best practice to use a randomized password for all of your website logins regardless of TLS. As far as password managers are concerned, I highly recommend Bitwarden.
I guess I will never understand why every damn thing on the internet needs to be https.
That’s the least of my concerns about the modern web… as far as something that looks like a viable alternative - Gemini:
Maybe for the same reason people put letters in envelopes instead of sending postcards?
because it’s trivial to implement and prevents man-in-the-middle attacks?
we can you run let’s encrypt on an JJP pin?