Subscribe
HTTPS (SSL/TLS) on main website
Last edited on 22 December 2015 - 08:27 AM by unixfox
Hi !Badlion developers should add HTTPS on the main website to secure all requests made between the server and client.
Using HTTPS has many advantages :
- On Google, a site with HTTPS is going to rank higher than a site without (https://googlewebmastercentral.blogspot.co.uk/2014/08/https-as-ranking-signal.html).
- Nobody can read transmissions between the server and the client.
- Many others : http://mashable.com/2011/05/31/https-web-security/
HTTPS is slow to load ? Try using :
HTTPS for free ?
HTTPS is now free to set up by using Let's Encrypt, a free, automated, and open certificate authority !
About buycraft
I've already tried to secure a website running under buycraft on a cname, it's impossible because their DNS provider prevents any kind of modifications like using a proxy (NGINX, cloudflare, etc.) to secure requests between client, proxy and buycraft server.
Posted on 22 December 2015 - 12:37 PM
@MasterGberryPosted on 22 December 2015 - 03:21 PM
Yeah someone linked me to Let's Encrypt a week or two ago. I haven't had a chance to look at it. I will try to in the next few days if I can.Posted on 22 December 2015 - 03:22 PM
unixfox wrote
About buycraft
I've already tried to secure a website running under buycraft on a cname, it's impossible because their DNS provider prevents any kind of modifications like using a proxy (NGINX, cloudflare, etc.) to secure requests between client, proxy and buycraft server.
I've already tried to secure a website running under buycraft on a cname, it's impossible because their DNS provider prevents any kind of modifications like using a proxy (NGINX, cloudflare, etc.) to secure requests between client, proxy and buycraft server.
I'm confused by this part. What are you talking about with this? Are you saying it is possible to make the cname secured? I would think that Buycraft needs to have some form of integration on their servers to allow for this?
Posted on 23 December 2015 - 09:11 AM
MasterGberry wrote
unixfox wrote...
I'm confused by this part. What are you talking about with this? Are you saying it is possible to make the cname secured? I would think that Buycraft needs to have some form of integration on their servers to allow for this?
I tried to secure connection between client and proxy. Proxy who talk with buycraft server.
When a player visit a buycraft shop his requests are transmitted this way :
Person -> Proxy (nginx proxy_pass) (https://shop.badlion.net) -> Buycraft server (https://shopbadlion.buycraft.net)
But it doesn't work due to their protection (Incapsula).