No HTTPS (SSL certificate)?

I wonder why there is no option to visit this site through https (encrypted connection). I do not want airports to inject ads in the webpage and I definitely don’t like the possibility of sniffing my password or private data.

SSL certificate is free these days

1 Like

yea, I second that. I use lestencrypt to encrypt my sites, for example:

SSL is completely necessary these days…

I also have an SSL on

It is not totally necessary, and I am not sure if Discourse servers will allow @onloop to add it.

Discourse allows you to use SSL… But I just don’t understand why anyone would use Discourse servers and not host it on an own one. There are so many affordable options: Amazon web services, M$ Azure, Google Cloud, Digital Ocean… Not only it’s cheaper, but you have pretty much unlimited options in terms of software.

If you want any sort of privacy, it is. Otherwise, everything your sending via the internet is easy to read if intercepted (which is really when the NSA intercepts it, not if).

For sites like this, since were not using using credit cards here, it’s less so important. But I’m sure a lot of private info is sent through PMs here that we wouldn’t want out in the public domain…

@IDVert3X I use DreamHost. Extremely reliable and professional hosting. Not the cheapest (~$120 a year), but it’s well worth the price (they use ssd in their servers now).

Are you sure @onloop uses discourse hosting? this? Looks kinda expensive. Considering that the only thing they do is deploy it on 5$/month digital ocean droplet. Total ripp-off.

I hope for such a price they at least install security updates for you. Not sure what else they do.

1 Like

Yes I am sure, it is hosted by discourse and imo this is the best forum I have visited, which you have to pay for.

Discourse is free. You don’t have to pay for it. You can install it for any purpose wherever you want. On any hosting. But the team behind it provides luxury service of installing it for you

1 Like

I have about had it with people that do nothing but bitch and cry about people that do something.

You don’t have to be here, catch the fuck out if you don’t like it.


A bit harsh words for your third post on this forum. But what would we expect, your first and second one were not that valuable either.

1 Like

He someone else’s alt, to much of a coward to say what he wants without hiding.


there is a drawback of http only - and that’s the s in https - security

without https passwords and personal infos (pms) are transmitted w/o being encrypted so if you log in from a public wifi you can get people’s password potentially just by listening to the wifi signal stream - that’s why people that use this forum shouldn’t use the same password on other websites (that’s a good thing you should do in general btw) and/or shouldn’t use pms as really private messages, because the information travels in clear

it would be nice to have https

a single domain (ssl) certificate costs money usually (20$ year - only a standard certificate, no installation / configuration costs) but there’s one free from - still the web-server (and/or the forum app, discord) has to be configured to use ssl (https) - here’s the link to a guide / guide-docker - as you can see is quite a bit of work but it would be cool - if somebody is very interested in this feature and can, probably should contribute economically to it as Jason is paying for maintainance and hosting of this forum I guess

My posting history has nothing to do with the topic, since the posts about this are very old generalizing as careless is completely accurate. Incompetence can be argued since Enerions website has it.

pointing out this and getting attacked for it is stupid. Yes I am new here so when I see that its not HTTPS I saw posts and people asleep at the wheel I said something. The issue is not going away.

Well, as it is hosted, it may be easier.


Well, if that is your way of pointing something out, you will be a very welcome user at this forum for sure.

Or to say it in your words:

Seriously… WTF Unkindliness & social incompetence (Sorry, did not find a single word for that.)

1 Like

Guilty… I read more post less

Doesn’t change anything about the topic. I am in on a group buy here (your analysis didn’t pick that up from my post count) so considering things like this topic are of concern and should be for others. Just general internet usage.

Well, yes this is an important topic, you are correct in that point.

It’s not what you say, but how you say it.

I’m aware of the plications of HTTPS, I’m a systems engineer with 37 certifications and 2 degrees. I’ve been a systems engineer for 25 years…So I dig it.

The issue is someone coming here that’s made absolutely no contribution to community throwing around “Incompetence & carelessness”.

If he wants to help then offer to buy the certificate. If not, catch out.

Now, to be constructive. If you want alleviate the concerns about pilfered passwords and someone capturing your personal passwords by doing a capture on open traffic, then get a personal VPN service. I use one everytime on the internet u less I’m on my home or corp network.

1 Like


If you don’t like it, don’t visit. @onloop has no legal or moral obligation to secure your http requests. Since you know so much, you should know that securing your internet traffic is your responsibility. That’s why anti-virus and anti-malware are billion dollar businesses.

Personally, I think it was a dick move to say “Incompetence & carelessness” about someone who has never asked you for anything, is actively doing you a favor by hosting and maintaining this site and made the group buy your in (that for some reason makes you legit???) possible.

If it was up to me I’d comb the Apache logs and match up your logins to the WAN IP addresses they originate from and BAN them as well as your account for the sole reason that your a mooch and a dick…very unlucrative combination.

your way over the top

IP ban lol ok…

looks for ignore button

You think it can’t happen? I do it weekly in my network. Be glad to help @onloop learn how to do it as well.

Need help finding it? Hint, start with alt+f4.

1 Like