Page 1 of 1

Tweaking4All more secure with SSL …

Tweaking4All more secure with SSL …
   4

Outfits like Google, Let’s EncryptcPanel and Comodo are pushing for a more secure Internet.
Obviously there is nothing wrong with that, and I commend them (and others) for pushing and supporting for this.

In this case we are talking about adding a so called SSL certificate to websites, allowing encryption, which can be identified by the url starting with “https”. In other words making the good old and regular “http” protocol secure.

In the past one would have to pay yearly to keep the SSL certificate valid, for every single domain, or pay even more for so called wildcard certificates. But, for basic purposes, this is no longer the case (for commercial use one still will have to pay for a certificate) – thank you Let’s Encrypt and Comodo for providing those free certificates.

Now keep in mind though that we have nothing critical here at Tweaking4All that would need encryption. However, in the push for website owners to start using encryption, Google has seemed to have gone the route where their browser will display messages that may look misleading to the end-user, for those website that do not support encryption. Not even mentioning the possible negative Google ranking impact for websites that are not encrypted.

So I’ve spend the better part of this weekend to implement SSL/HTTPS on Tweaking4All as well – it has caused some problems, and possible downtime and odd behavior of the website in the past 2 days. My apologies for that … you should now see a green “Secure” message near the address-bar of your browser.

Please feel free to report issues, or moments where this does not show a green “Secure” indicator – it’s not impossible that I overlooked one or the other small piece. 




Donation options


Donations are very much appreciated, but not required. Donations will be used for web-hosting expenses, project hardware or a motivational boost (a drink or snack). Thank you very much for those have donated already! It's truly AwEsOmE to see that folks like our articles and small applications.

Comments


There are 4 comments. You can read them below.
You can post your own comments by using the form below, or reply to existing comments by using the "Reply" button.

  • Jan 23, 2017 - 8:06 AM - BravoZulu Comment Link

    Thanks for these informations. Interesting.
    The site works well in secure (HTTPS valid)  

    But if I understand correctly, “Comodo” is free for only 90 days. (It can also be seen in your Certificate).
    So, if hosting providers allow “Let’s Encrypt“, this seems to be the best [free] solution. (Without annual fee).

    Guy-Laurent

    Reply

    BravoZulu

    • Jan 23, 2017 - 8:28 AM - hans - Author: Comment Link

      Hi Guy!

      Well, my webserver uses cPanel, which has a new feature called “AutoSSL” – when you enable that, the certificate will automatically be renewed before it expires. I just enabled it for all my users (which is pretty much only me hahah), and the CERTs appeared within seconds. The CERT for Tweaking4All automatically covers all parked domains and sub domains. Right after that I was able to use “https://”.

      You can choose between comodo and Let’s Encrypt in cPanel when using this option. Both are free, and both expire after 90 days.
      You even have the option to automatically renew existing SSL CERTs with this (I use one for my mail server).

      The only problems I had to solve was replacing “http” in posts and such to make sure I do not get any mixed content errors.
      Having said that, one other problem I had to fight with: Multi Domain Mapping, which I use with this setup to have the http://www.tweaking4all.nl and http://www.tweaking4all.com working. Only to find out that Domain Mapping plugins appear to be no longer needed with the current WordPress version.
      Last issue was related to cookies, by adding “define( ‘COOKIE_DOMAIN’, $_SERVER[ ‘HTTP_HOST’ ] );” to my wp-config.php file. 

      Reply

      hans

  • Jan 24, 2017 - 9:58 AM - BravoZulu Comment Link

    Hi Hans,

    Thank you for this additional information.

    Not sure to understand your first post :

    In the past one would have to pay yearly to keep the SSL certificate valid, for every single domain, or pay even more for so called wildcard certificates. But, for basic purposes, this is no longer the case (for commercial use one still will have to pay for a certificate) – thank you Let’s Encrypt and Comodo for providing those free certificates.

    So (in your case), after 90 days? What is going on?  
    Do you need to purchase an Annual Certificate? Or the free 90-day offer is renewed (by “AutoSSL”)?

    Regards,
    Guy-Laurent

    Reply

    BravoZulu

    • Jan 24, 2017 - 10:20 AM - hans - Author: Comment Link

      Hi Guy!

      With AutoSSL, the CERT get’s updated automatically before it expires. There is no user intervention needed, it just automatically keeps updating … 

      So I get the 90-day CERT automatically, for free, and it’s automatically updated.

      Reply

      hans



Your Comment …

Friendly request to not post large files here (like source codes, log files or config files). Please use the Forum for that purpose.

Please share:
*
*
Notify me about new comments (email).
       You can also use your RSS reader to track comments.


Tweaking4All uses the free Gravatar service for Avatar display.
Tweaking4All will never share your email address with others.