Welcome, guest! Please login or register.

    * Shoutbox

    RefreshHistory
    • Riskdemon:[link] Varrock OSRS RSPS releasing May 22nd! Discord link provided!
      May 18, 2019, 11:43:14 PM
    • violence.:[link] Most addictive RSPS brand new just opend free m box to every new player
      May 18, 2019, 08:07:04 PM
    • LukrativeHD: Zenyte, the most anticipated RSPS of 2019! The server has been in development for over 2 years! Zenyte will be launching on June 7, 2019! Join our huge community on discord : [link]
      May 17, 2019, 11:18:39 AM
    • SnowRSPS: **Snow-PS | Custom & Improved RSPS | FREE $5 Scroll | Daily Giveaways, Updates & MORE!** **Site:** **<https://SnowRSPS.com><https://Snowscape.net>** **Discord:** [link] ```HTTP |FREE TO PLAY| -317 loading 602 graphics -GambleBots Fully Coded -Fullscreen -Prestige -AutoTrivia -AutoDonations -Custom ::NewHome -50+ Bosses -Unique Pets -Working Skills -Daily Giveaways -10+ Websites -(SnowPS.org|Snow317.com|& MANY MORE) -Staff Needed Always -Super Friendly Community -& We like to Update Weekly HOPE YOU COME N ENJOY! ``` **Facebook:**<https://facebook.com/snowrsps2012>
      May 16, 2019, 06:36:31 PM
    • PalidinoDH:[link]
      May 14, 2019, 10:53:37 PM
    • Coder Nick: ancientisle . com new OSRS server with heaps of content! raids etc!
      May 14, 2019, 04:19:55 AM
    • aXo: Are there any "vanilla" servers for the current OSRS style? Like, servers including tutorial island and all that, without much in the way of ridiculous customs and portals
      May 12, 2019, 05:28:13 PM
    • PavSwag: BRAND NEW RSPS AUTOSCAPE,ORG FREE MBOX WHEN YOU GET 99
      May 10, 2019, 03:28:22 PM
    • Blasta: Hey im available for staff positions want my discord? robzzd#1501
      May 08, 2019, 09:29:13 PM
    • Coder Nick: Brand new rsps ancientisle . com need players and staff!
      May 07, 2019, 09:42:54 PM
    • IceDynasty: LOG IN NOW FOR FREE DONOR! 4 GUYS ON LIMAS-SCAPE
      May 07, 2019, 06:53:08 PM
    • IceDynasty: [youtube]KJNP6Mpg09A[/youtube] CHECK NEW 614 RSPS
      May 07, 2019, 06:24:21 PM
    • Smokey_:[link]
      May 04, 2019, 08:37:40 PM
    • Smokey_: New toplists with unique incentive review system that requires no external libraries in an easy to use plug n play system
      May 04, 2019, 08:37:35 PM
    • dan v jad:[link]  Join us on Discord! [link]  Real OS Server - #178 Data
      May 04, 2019, 11:44:19 AM
    • PavSwag: Try out OSRS brand new server need STAFF autoscape,0RG
      May 04, 2019, 03:48:02 AM
    • Chassy13: this site is dead
      May 01, 2019, 04:50:57 PM
    • Shadowspkin: Cant believe this sites still alive. @Gerrjat email me at [link] if you want
      May 01, 2019, 10:15:22 AM
    • Gerrjat 360: currently looking for developers!
      April 30, 2019, 01:01:37 AM
    • Smokey_: New toplist with unbreakable unspammable incentive review program: Website:  [link] Discord: [link] We have toplists for any type of service and reviews are star rating based and can leave comments (optional) and stackoverflow style help sections where questions/answers can be upvoted and downvoted and unique search options
      April 28, 2019, 06:25:00 PM

    Author Topic: Mandatory HTTPS!  (Read 15252 times)

    0 Members and 1 Guest are viewing this topic.

    Offlinesini

    • Member
    • ****
    • *
    • *
    • Posts: 5,785
    • Thanks: +0/-0
      • View Profile
    Re: Mandatory HTTPS!
    « Reply #20 on: October 29, 2015, 04:42:03 AM »
    what
    does
    it
    matter
    david
    Runescape Gambling

    OfflineDavidi2

    • Member
    • ****
    • *
    • Posts: 23,272
    • Thanks: +0/-0
      • View Profile
    Re: Mandatory HTTPS!
    « Reply #21 on: October 29, 2015, 01:14:10 PM »
    Runescape Gambling

    OfflineMoparisthebest

    • Global Moderator
    • *****
    • *
    • Posts: 17,146
    • Thanks: +0/-0
      • View Profile
    Re: Mandatory HTTPS!
    « Reply #22 on: October 30, 2015, 03:52:25 PM »
    As far as I can tell, there aren't any downsides, and it's a good fallback if for some reason we have a cert problem and everyone wont be able to view the site because "THIS CONNECTION IS UNTRUSTED"

    Actually new Firefox, and soon if not already Chrome and then inevitably other browsers now show a big "THIS CONNECTION IS UNTRUSTED" warning on http. :)  That was actually one of the many reasons to do this.
    forum.moparisthebest.com
    You can have my gun when you pry it from my cold, dead hands.
    Linux users, we do it in the open.
    Runescape Gambling

    OfflineDavidi2

    • Member
    • ****
    • *
    • Posts: 23,272
    • Thanks: +0/-0
      • View Profile
    Re: Mandatory HTTPS!
    « Reply #23 on: October 30, 2015, 05:30:26 PM »
    As far as I can tell, there aren't any downsides, and it's a good fallback if for some reason we have a cert problem and everyone wont be able to view the site because "THIS CONNECTION IS UNTRUSTED"

    Actually new Firefox, and soon if not already Chrome and then inevitably other browsers now show a big "THIS CONNECTION IS UNTRUSTED" warning on http. :)  That was actually one of the many reasons to do this.
    Do you have a source for that? I believe that is incorrect. AFAIK that warning shows when you attempt to use https and the site has an invalid cert. I use the latest firefox and never get that warning on http.

    OfflineJustin Bieber

    • Member
    • ****
    • Posts: 2,941
    • Thanks: +0/-0
      • View Profile
    Re: Mandatory HTTPS!
    « Reply #24 on: October 30, 2015, 06:24:01 PM »
    https://www.chromium.org/Home/chromium-security/marking-http-as-non-secure
    https://www.cnet.com/news/chrome-becoming-tool-in-googles-push-for-encrypted-web/

    I've always found it a bit bizare that browsers have been letting people browse unencrypted websites with no warning for all these years, but as soon as a website that actually uses encryption presents a bad cert you get a massive fuck off warning about it.

    maybe microsoft were way ahead of their time when they had this shit in 1920 or whenever it was:

    OfflineDavidi2

    • Member
    • ****
    • *
    • Posts: 23,272
    • Thanks: +0/-0
      • View Profile
    Re: Mandatory HTTPS!
    « Reply #25 on: October 30, 2015, 07:22:20 PM »
    Ok so yeah, it's not on firefox yet.

    OfflineJustin Bieber

    • Member
    • ****
    • Posts: 2,941
    • Thanks: +0/-0
      • View Profile
    Re: Mandatory HTTPS!
    « Reply #26 on: October 30, 2015, 08:05:57 PM »
    oh maybe we should have just waited then, fudge security anyway amirite guys

    OfflineDavidi2

    • Member
    • ****
    • *
    • Posts: 23,272
    • Thanks: +0/-0
      • View Profile
    Re: Mandatory HTTPS!
    « Reply #27 on: October 30, 2015, 11:09:35 PM »
    or maybe you should stop being a sarcastic asshole. i was just factchecking the incorrect statement

    OfflineRuneAgent

    • wololo
    • Member
    • ****
    • *
    • *
    • Posts: 7,515
    • Thanks: +0/-0
      • View Profile
      • MITB FORUMS
    Re: Mandatory HTTPS!
    « Reply #28 on: October 31, 2015, 06:10:45 AM »
    It should also be noted that google search engine algorithms rank mandatory https higher.

    OfflineDavidi2

    • Member
    • ****
    • *
    • Posts: 23,272
    • Thanks: +0/-0
      • View Profile
    Re: Mandatory HTTPS!
    « Reply #29 on: October 31, 2015, 01:20:35 PM »
    I like being able to cache my webpages. My internet is slow as it is especially in my area, having to always load the page isn't really something I'd fancy.

    Security over performance, in my case I'd prefer performance.
    What area are you in, just out of curiosity
    « Last Edit: October 31, 2015, 01:22:13 PM by Davidi2 »

    OfflineJustin Bieber

    • Member
    • ****
    • Posts: 2,941
    • Thanks: +0/-0
      • View Profile
    Re: Mandatory HTTPS!
    « Reply #30 on: October 31, 2015, 02:08:29 PM »
    I like being able to cache my webpages. My internet is slow as it is especially in my area, having to always load the page isn't really something I'd fancy.

    Security over performance, in my case I'd prefer performance.
    Is that because you're trying to cache with a proxy? I used to do this on my old network since it was slow as balls.

    It is definitely possible to have a proxy server cache https - I did it for a few selected domains (google, youtube, wikipedia). If you wanted to support every website you'd have to setup your own CA on the server, trust it from each machine, and have the server dynamically issue certs for each website you visit. Sounds like a pain in the ass but if you genuinely need a proxy cache that's your only option, since that's the way the internet is moving.
    « Last Edit: October 31, 2015, 02:35:30 PM by Justin Bieber »

    OfflineJustin Bieber

    • Member
    • ****
    • Posts: 2,941
    • Thanks: +0/-0
      • View Profile
    Re: Mandatory HTTPS!
    « Reply #31 on: November 01, 2015, 07:46:03 AM »
    I'm not using a proxy, haven't thought about it really. I wouldn't really want to use it though;.
    So your browser doesn't cache content served over https? That doesn't sound right at all.

    OfflineJustin Bieber

    • Member
    • ****
    • Posts: 2,941
    • Thanks: +0/-0
      • View Profile
    Re: Mandatory HTTPS!
    « Reply #32 on: November 01, 2015, 10:09:34 AM »
    I'm not using a proxy, haven't thought about it really. I wouldn't really want to use it though;.
    So your browser doesn't cache content served over https? That doesn't sound right at all.
    HTTPS does not cache content at all
    HTTPS handles caching in the exact same way as HTTP. If your browser isn't caching secure pages then this is because it is *choosing* not to do so. Either change the setting, upgrade, or switch to a better browser.

    It may also be the case that certain websites (possibly this one??) are not sending the correct cache control headers over https due to misconfiguration. Again, webmasters problem that needs to be raised with them.

    OfflineJustin Bieber

    • Member
    • ****
    • Posts: 2,941
    • Thanks: +0/-0
      • View Profile
    Re: Mandatory HTTPS!
    « Reply #33 on: November 01, 2015, 11:26:37 AM »
    No need to apologise, if you want to use old broken tech then the onus is on you when shit goes wrong.

    Regardless, IE does cache HTTPS by default provided the server sends the correct headers. If it doesn't, then report it to mitb and I'm sure he'll fix it. If it doesn't work even with the correct headers then report it to microsoft because this is a bug. Your responsibility as an end user doesn't include having to mess around with technical config but all you're doing is old man grumbling if you don't report faults.

    Offlinejustaguy

    • Member
    • ****
    • *
    • Posts: 706
    • Thanks: +0/-0
      • View Profile
    Re: Mandatory HTTPS!
    « Reply #34 on: November 01, 2015, 11:42:29 AM »
    Your problem is that you're still using IE.
    RIP

    OfflineJustin Bieber

    • Member
    • ****
    • Posts: 2,941
    • Thanks: +0/-0
      • View Profile
    Re: Mandatory HTTPS!
    « Reply #35 on: November 01, 2015, 02:01:07 PM »
    Even so, the cost of using SSL is another downfall for speed. I sometimes browse the site on 3g when I'm on the go, certain places I get E or even GPRS, it's understandable for slow speed however using 3G or poor 4G it's a bit of a wait.
    I don't think you should be getting such a big performance hit on mobile. Maybe if the latency is already a few seconds then worse case add a few more for https. If what you're saying is true and not just perceived I bet there are more optimisations to be made on the server (session reuse would help a lot of its not doing it already).

    Can you run this to quantify the difference? https://www.httpvshttps.com/ Https was faster for me but I imagine it'll be different on a high latency network.

    It would also be interesting to see the results of that on your slow home connection.

    Offlinet4

    • Member
    • ****
    • *
    • *
    • *
    • Posts: 6,798
    • Thanks: +0/-0
      • View Profile
    Re: Mandatory HTTPS!
    « Reply #36 on: November 01, 2015, 03:32:35 PM »
    Even so, the cost of using SSL is another downfall for speed. I sometimes browse the site on 3g when I'm on the go, certain places I get E or even GPRS, it's understandable for slow speed however using 3G or poor 4G it's a bit of a wait.
    I don't think you should be getting such a big performance hit on mobile. Maybe if the latency is already a few seconds then worse case add a few more for https. If what you're saying is true and not just perceived I bet there are more optimisations to be made on the server (session reuse would help a lot of its not doing it already).

    Can you run this to quantify the difference? https://www.httpvshttps.com/ Https was faster for me but I imagine it'll be different on a high latency network.

    It would also be interesting to see the results of that on your slow home connection.
    cool test, HTTP is 356% slower than HTTPS for me

    OfflineJustin Bieber

    • Member
    • ****
    • Posts: 2,941
    • Thanks: +0/-0
      • View Profile
    Re: Mandatory HTTPS!
    « Reply #37 on: November 01, 2015, 03:37:24 PM »
    yea I got that a couple of times too, probably caching.. it recommends running each test in a fresh session.

    Offlinet4

    • Member
    • ****
    • *
    • *
    • *
    • Posts: 6,798
    • Thanks: +0/-0
      • View Profile
    Re: Mandatory HTTPS!
    « Reply #38 on: November 01, 2015, 03:38:50 PM »
    yea I got that a couple of times too, probably caching.. it recommends running each test in a fresh session.
    but HTTPS cannot cache? :confused::confused::confused::confused::confused::confused:

    OfflineDavidi2

    • Member
    • ****
    • *
    • Posts: 23,272
    • Thanks: +0/-0
      • View Profile
    Re: Mandatory HTTPS!
    « Reply #39 on: November 01, 2015, 03:40:29 PM »
    I definitely trust the results of a website that says "https is faster" in the title before even letting you run the test. It takes me 5 seconds to load 2mb of images? I call bullshit.

    yea I got that a couple of times too, probably caching.. it recommends running each test in a fresh session.
    It says in the description that it has disabled caching completely on the webserver. (Part of why HTTPS might be faster for some people, they are giving it the best possible circumstances; though I personally suspect they have other settings too)
    « Last Edit: November 01, 2015, 04:05:50 PM by Davidi2 »

     

    Copyright © 2017 MoparScape. All rights reserved.
    Powered by SMFPacks SEO Pro Mod |
    SimplePortal 2.3.5 © 2008-2012, SimplePortal