English Amiga Board


Go Back   English Amiga Board > abime.net - Hall Of Light > HOL suggestions and feedback

View Poll Results: Will using https:// only cause a problem for you?
No 18 66.67%
Yes 9 33.33%
Voters: 27. You may not vote on this poll

 
 
Thread Tools
Old 23 February 2021, 10:23   #1
CodyJarrett
Global Moderator

CodyJarrett's Avatar
 
Join Date: Mar 2001
Location: UK
Age: 44
Posts: 5,978
HOL on HTTPS

The Hall of Light runs on both https:// and http:// but we're planning to make it https:// only.

This is required these days as Google doesn't like http:// websites, marks them as insecure in Chrome and downgrades them in search rankings.

https://hol.abime.net

Is this going to cause a problem for anyone who is viewing the site on Amiga browsers?
CodyJarrett is online now  
Old 24 February 2021, 01:10   #2
phx
Natteravn

phx's Avatar
 
Join Date: Nov 2009
Location: Herford / Germany
Posts: 1,966
Do you really care about Google rankings and let them dictate how to run your server? Http is an additional service for old browsers, which would be lost for no good reason. What security would be improved by watching HOL encrypted?
phx is offline  
Old 24 February 2021, 13:31   #3
daxb
Registered User
 
Join Date: Oct 2009
Location: Germany
Posts: 2,877
HTTPS should only be used if necessary. Google also like to force it because they can easy track. I would avoid Google wherever possible or at least don't follow blindly. And what phx said.
daxb is offline  
Old 24 February 2021, 20:26   #4
clenched
Registered User

 
Join Date: Sep 2008
Location: Gainesville U.S.A.
Posts: 771
I'm still thinking... Is disliking the idea a problem? If so my vote would be yes. My 2004 PC default is IE8 (c)2009. It may render 1/100 HTTPS sites. Next is SeaMonkey and Chrome, both bloated, slow to load, ugly "skins" ie plenty to despise. These are "emergency" browers for HTTPS.
clenched is offline  
Old 24 February 2021, 20:33   #5
Photon
Moderator

Photon's Avatar
 
Join Date: Nov 2004
Location: Eksjö / Sweden
Posts: 4,954
Quote:
Originally Posted by phx View Post
Do you really care about Google rankings and let them dictate how to run your server? Http is an additional service for old browsers, which would be lost for no good reason. What security would be improved by watching HOL encrypted?
I think Cody asks because it can cause a problem with Amiga web browsers?

As for the HTTPS upgrade, there must be an internal server redirect from HTTP to the same URL with HTTPS, or a lot of links will die overnight. But I'm sure they know this

HTTPS is meant mostly only for websites with public logins. It's a wish from Google's side but not a requirement to be indexed. Nor should it be for any search engine worth the name. A search engine should want to index as much information as it can. If they stop indexing HTTP, they lose search results.

Quote:
Originally Posted by CodyJarrett View Post
marks them as insecure in Chrome and downgrades them in search rankings
This is actually not true.

That said, there's no harm in changing to HTTPS. You get a certificate that you need to maintain, and if you slip up one year, any link to that website will give any visitor a warning in most/all web browsers right now, not connected to any search engine but even from a typed link.

Last edited by Photon; 24 February 2021 at 20:40.
Photon is offline  
Old 24 February 2021, 21:42   #6
Radertified
Registered User
 
Join Date: Jan 2011
Location: -
Posts: 566
Should HOL keep http:// or go full https:// depends entirely on the goal of the site.

If it's to serve Amiga browsers, http:// needs to be kept.
If it's to rank on Google, redirect all http:// calls to https://

It's as simple as that.

Yes, Google DOES mark sites as insecure and drop their rankings. HTTPS as a ranking signal has been a known factor since 2014, and over the last couple of years Google has been pushing it extensively. I've seen http:// only sites drop rankings several times.

I would speculate that in a few years, browsers will disable http:// support and only make it available as a browser setting, much like they're dropping FTP and several other "insecure" features.

(I'm in the industry - I deal with this stuff everyday).

----

EDIT: I'll add that while there's evidence that Google favors https:// sites, as well as strongly hinting at it several times, it's also largely speculation because as anyone in the industry knows, Google's ranking algorithm is a pain in the butt to deal with and involves a lot of guesswork. You just have to roll with it so in this case, you want rankings, roll with https:// because they've been pushing it for years and have been getting more and more aggressive about it recently.

Last edited by Radertified; 24 February 2021 at 21:49.
Radertified is offline  
Old 24 February 2021, 22:30   #7
jbenam
Italian Amiga Zealot

 
Join Date: Jan 2009
Location: Italy
Age: 33
Posts: 1,433
What about letting HOL go full HTTPS and then setup a reverse proxy (nginx, envoy, etc.) with no SSL on something like port 6800 (68000 would be better but alas...) which can then be accessed by Amigas without compromising SEO?
jbenam is offline  
Old 24 February 2021, 22:39   #8
malko
Ex nihilo nihil

malko's Avatar
 
Join Date: Oct 2017
Location: CH
Posts: 3,483
As long as eab & hol are intended for Amiga users the lowest common denominator must rule the thinking.
jbenam idea is interesting as well
malko is offline  
Old 25 February 2021, 22:01   #9
seuden
uber cool demi god

seuden's Avatar
 
Join Date: Jun 2006
Location: Kent/England
Posts: 2,057
Does it protect me from prying eyes when I'm looking at Amiga pr0n? Sign me up.
seuden is offline  
Old 25 February 2021, 23:57   #10
dalek
Registered User

 
Join Date: Nov 2014
Location: NSW/Australia
Posts: 423
On the http site you could set permanent redirect for the Googlebot useragent to the https site, so it never "sees" or indexes the http only site. Or just plain block it in robots.txt for the http only site with a rewriterule.

The only downside is that all search results would be https but it sounds like google are going to do that regardless.
dalek is offline  
Old 28 February 2021, 20:53   #11
tygre
Returning fan!

tygre's Avatar
 
Join Date: Jan 2011
Location: Montréal, QC, Canada
Posts: 917
Quote:
Originally Posted by phx View Post
Do you really care about Google rankings and let them dictate how to run your server? Http is an additional service for old browsers, which would be lost for no good reason. What security would be improved by watching HOL encrypted?
Hi Phx and all!

Besides old browsers, the energy cost of HTTPS (and here and here) is outrageous because, often, simply unnecessary (as in the case of HOL or so many other "non vital" Web sites ). Also, HTTPS has costs both in money and in time spent by maintainers to setup and update the certificates. It's a unnecessary burden...


Cheers!

Last edited by tygre; 28 February 2021 at 20:54. Reason: Some typos; registering
tygre is offline  
Old 28 February 2021, 23:18   #12
jbenam
Italian Amiga Zealot

 
Join Date: Jan 2009
Location: Italy
Age: 33
Posts: 1,433
Quote:
Originally Posted by tygre View Post
Hi Phx and all!

Besides old browsers, the energy cost of HTTPS (and here and here) is outrageous because, often, simply unnecessary (as in the case of HOL or so many other "non vital" Web sites ). Also, HTTPS has costs both in money and in time spent by maintainers to setup and update the certificates. It's a unnecessary burden...


Cheers!
Hi!

I think that white paper is most definitely outdated. I honestly can't think of a good reason to *not* use HTTPS except when dealing with old computers.

While I can understand that doing SSL isn't that easy for vintage machines, setting up SSL on a modern server literally takes only five minutes of your time and it's entirely free. certbot-auto (you can find more info on certbot.eff.org) takes care of everything (even configuring your web server!), renewals included.
jbenam is offline  
Old 01 March 2021, 00:20   #13
tygre
Returning fan!

tygre's Avatar
 
Join Date: Jan 2011
Location: Montréal, QC, Canada
Posts: 917
Hi Jbenam


Quote:
Originally Posted by jbenam View Post

I think that white paper is most definitely outdated. I honestly can't think of a good reason to *not* use HTTPS except when dealing with old computers.

While I can understand that doing SSL isn't that easy for vintage machines, setting up SSL on a modern server literally takes only five minutes of your time and it's entirely free. certbot-auto (you can find more info on certbot.eff.org) takes care of everything (even configuring your web server!), renewals included.

The paper may be old, but it's not outdated! If anything, energy consumption and costs went up... And there is still the need to maintain the site, manually, with certbot, or with any other solution. It's still add a layer of complexity, new bugs... and for what return/purpose?


Cheers!
tygre is offline  
Old 01 March 2021, 10:37   #14
Jami
Registered User

Jami's Avatar
 
Join Date: Aug 2020
Location: Nantes / France
Posts: 77
Quote:
Originally Posted by dalek View Post
On the http site you could set permanent redirect for the Googlebot useragent to the https site, so it never "sees" or indexes the http only site. Or just plain block it in robots.txt for the http only site with a rewriterule.

The only downside is that all search results would be https but it sounds like google are going to do that regardless.

It seems like a very good compromise.
Jami is offline  
 


Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools

Similar Threads
Thread Thread Starter Forum Replies Last Post
Mutation Digital Winter Sale: https://softamuse.itch.io/ Adrian Cummings MarketPlace 3 22 January 2021 09:52
Why is https:// not supported here? hugo_nl project.EAB 32 19 October 2019 19:13
HTTPS Downgrader - surf the web with your amiga again! Cego support.Apps 0 07 January 2019 06:50
iBrowse and HTTPS sites? stu232 support.Apps 4 23 November 2014 19:54
Sword Level Codes for HOL (http://hol.abime.net/?id=2242) killergorilla HOL contributions 4 16 January 2005 20:58

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT +2. The time now is 10:38.


Powered by vBulletin® Version 3.8.11
Copyright ©2000 - 2021, vBulletin Solutions Inc.
Page generated in 0.12225 seconds with 16 queries