phpBB goes green

Discussion in 'phpBB Discussions' started by News Bot, Aug 16, 2012.

  1. News Bot

    News Bot Regular Member

    Joined:
    Apr 28, 2011
    Messages:
    429
    Likes Received:
    63
    Location:
    Cyber Space
    Greetings all,

    We are pleased to announce that in an effort to make your connection to the phpBB.com servers more secure, we have implemented SSL/TLS across our corner of the internet.

    We are very grateful to the fine folks at DigiCert, who have graciously donated an Extended Validation Certificate for us to use on www.phpbb.com and a Wildcard SSL Certificate to secure the rest of our subdomains. If you are using a modern browser (and reading this announcement on www.phpbb.com), you should see a green address bar, denoting the secure connection. Other *.phpbb.com sites will display a lock.

    To verify the details of the certificates, you can check out the seals below:
    awww_digicert_com_seals_cascade__ac0afdb813867d55b0e2770d7d367190._.png awww_digicert_com_seals_cascade__54e51303ebd702ec6bc6990983f6d9fa._.png atemp.marshalrusty.com_seal_phpbb_com.jpg

    Qualys Labs also has a nifty tool for analyzing SSL connection details:
    Analyze phpBB Main (www.phpbb.com)
    Analyze phpBB Area51 (area51.phpbb.com)
    Analyze Google.com


    Security is phpBB's top priority, and with this change, data sent between your browser and the phpBB.com servers will be encrypted to prevent access and tampering. Of course, SSL doesn't protect against everything, so we'll take this security-themed post as an opportunity to remind everyone to be diligent, use secure passwords, and only utilize computers that you're certain haven't been tampered with.

    This has been rolled out to most areas of the site, however efforts are ongoing in several sections:
    • http://tracker.phpbb.com is still being tested, so it does not have SSL redirection in place yet.
    • Our team map requires moving to a newer version of the Google API, so that page will not be sent over HTTPS.
    • HTTPS is not forced on Area51's discussion board so that testing may be performed in both environments.

    Offsite content on our discussion boards is being redirected to a Camo server through a template hook, so you should never see mixed content warnings while browsing any part of our sites. If you do, or find any other issues, please report them to our website bug tracker.

    Once again, a great big hug to DigiCert for sponsoring this move.

    You may discuss this in the discussion topic.

    Continue reading...
     
    Brandon likes this.

Share This Page