Not everything has switched over completely, but we're at least at 95% done getting all site URLs updated. The original http should still be working for people who don't want https for whatever reason. Please post any breakage you find here and I'll get it fixed.

thank you. is this adding toward cost?

Nope. I was digging through dreamhost's control panel trying to find info about the lag we've been experiencing and saw `https` as an option. There was a payable version and two free versions. I'm in a holding pattern at work so I thought I'd give it a go!

wow, the site is noticeably faster now! is this why?

i honestly have no idea :shrug:

gotta find a way to add https to links. when you travel around the site, it defaults to http links from https. kthx.

funny thing is that i'm even using HTTPS Everywhere

edit: really strange. seems like some sections of botb will give http links and some will give https; and it doesn't really make a pattern as to which.

sometimes when you visit an https link the images won't be linked with https.

Can you give me specific examples?

The only http inside https for images I know of right now are the sprite characters that count ohb trophies on profile pages.

don't know how sites like google, yahoo, youtube and bing are handling https, but they are still able to load on older browsers.

is there a way to use a CA that browsers trust?

even if you get https to work correctly everywhere, i'd assume people would think the self signed "unsafe" certificate would give off the impression that it still doesn't work.

but i guess letsencrypt (or the likes) hasn't been chosen for a good reason. so maybe nvm this.

edit: maybe this was due to my own cache. or me being on crack or w/e. suddenly seems to be no issues anymore (and the cert is trusted)

Things seem to change time to time. Assume that I'm always using HTTPS.

examples(?):

- "Recent Activity..." links from homepage
- "Bulletins, News, and Development..." from the homepage.
- User surveillance links from Admin page.
- "Help" link at bottom of page.
- Certain BotB links in the Lyceum, "Glossary"

That's a start for now.

Thanks. I'll try to knock those out today.

These things fixed --

thread links on homebunk
creative commons links/images
`help` link in footer
lyceum glossary article links
botbr profile trophy case links
sprite text counters for ohb tropiez
user surveillance links from Admin page

Pretty sure the above cover all cached templates. The goal is to make sure links don't accidentally flipflop botbrs between unsecure and secure browsing. Possible to force a redirect from http to https in the future.

using google search within BotB results in non-HTTPS results within Google.

was waiting for the day public toilets would be safe

So I added `https` to the search query if you're on https, but seems like google don't give a shit.

...yet?

right, i think google hasn't propagated any search resluts from battleofthebits.com using HTTPS. that seems the case.

does this help?

https://wiki.apache.org/httpd/RewriteHTTPToHTTPS

could you force the server to redirect to HTTPS? that way the bots scrape HTTPS

yeah -- that would be the final step

just curious if for any reason there are people who can't use https

Safari 5 will not let me use the https version of the site, so I'll still use the http version.

pukey pukes: move forward with HTTPS. people (and djmax) will need to adapt.

most of us are able to connect using HTTPS. there are ways around things. HTTPS benefits everyone. it's more secure and keeps nefarious shit mostly away for you client-side on your activities. instead of you complaining about why something good (objectively) is being implemented and why your current format does not support it, this is a calling to you to assure it's supported for you and your platform. there should be many ways for it to be available for you.

this isn't some corporate rhetoric where a for-profit company is telling you to accept something for their will of gain. honestly, i think puke just decided to accept something because he thinks it would help against bots and shit. (don't think we really know if it will or not. however, the potential is there against mitm attacks.)

i know you're borderline half-troll and pure-autist. and i don't blame you for it. keep growing. and again... keep growing (djmax.)

addendum:

we need to do this for a while so that google propagates HTTPS search results. otherwise it maintains HTTP only. or someone can help puke program a non-Googlespiderbot search system... however that also kills our resources... So no... HTTPS is the best way.

No pleas don't I'm not ready for it yet

the sooner we migrate the quicker you'll find ways of it being available to you. you already found your issue of being able to join IRC solved.

could someone host a https? does sanyone has the badge already? :(

I'm not ready to use Mozilla FireFox yet. I'm too scared to host an ohb with that browser because it will crash if I try to host one with FireFox 48.0.2 instead of Safari 5.1.10, and that is the reason why I refuse to switch over to https.

i'm using https but some of my alerts are still linking to non-https

hmmm... alerts and the links in tweets could be changed to https only... but uh.... maybe?