Implemented SSL / HTTPS Integration

This suggestion has been implemented. Votes are no longer accepted.
I can't find a setting for it either. The search icon shows on that site for me, so it doesn't appear to be consistent.. but usually Chrome comes up with a badge in the address bar saying some content wasn't loaded because it was insecure.

Using Chromium 25.x on OS X.

Also I did attempt to load the Adsense javascript via https when I first switched to SPDY, and you're right that it works.. but it doesn't (or didn't) load the ad content over a secure connection, especially rich media (image/flash/video) ads.
 
digitalpoint said:
Weird... I just went through all the Chrome settings I could find and didn't see such a thing in there.

So if you go here: https://forums.suse.com/forum.php the black icon next to search doesn't show (it's served over insecure connection)?

Image%202013.01.07%2012:41:48%20PM.png
Click to expand...
Yeh that works, but your image doesn't load for me. Ah, it looks like it loaded insecure content from the same tld domain but blocked it from others:
[blocked] The page at https://forums.suse.com/forum.php ran insecure content from http://yui.yahooapis.com/combo?2.9.0/build/yuiloader-dom-event/yuiloader-dom-event.js&2.9.0/build/connection/connection-min.js.
This browser is AJAX compatible
vbulletin-core.js:11​

The page at https://forums.suse.com/forum.php displayed insecure content from http://www.suse.com/common/img/forum_search.jpg.
Firing System Init
vbulletin-core.js:11​

Fire vB_XHTML_Ready
vbulletin-core.js:11​

Fetch Cookie :: vbulletin_collapse (null)
vbulletin-core.js:11​

Failed to load resource: the server responded with a status of 404 (Not Found)
https://forums.suse.com/common/inc/foresee/foresee-surveydef.js​
Click to expand...
 
Jeremy P said:
I can't find a setting for it either. The search icon shows on that site for me, so it doesn't appear to be consistent.. but usually Chrome comes up with a badge in the address bar saying some content wasn't loaded because it was insecure.

Using Chromium 25.x on OS X.

Also I did attempt to load the Adsense javascript via https when I first switched to SPDY, and you're right that it works.. but it doesn't (or didn't) load the ad content over a secure connection, especially rich media (image/flash/video) ads.
Click to expand...
Maybe you are thinking of JavaScript not running/loading over insecure connections? That IS the case... but static content (images, CSS, etc. will still load). But when it comes down to it, you should be able to load all JS on your site via HTTPS (AdSense, Google Analytics, social media buttons, etc. all work over HTTPS).

Maybe AdSense over HTTP was screwy at one point, but it definitely loads all secondary ad content securely for me... Example... (see image-based AdSense is there, address bar still registers as fully secure, etc.)

Image%202013.01.07%2012:59:18%20PM.png


As far as the message from Chrome, are you sure you aren't seeing a message that says content WAS loaded, just insecurely?

Image%202013.01.07%201:04:14%20PM.png
 
:D You're 100% correct DP. It's just javascript that's prevented from loading, insecure images just display triangles and Adsense is working just fine serving everything over a secure connection. Just reconfigured my site to serve everyone over https+spdy.

It looks like it was a 3rd party captcha addon that was using insecure JS and causing the warning.. duh :whistle: Should have checked developer toolbar more closely..

Sorry to everyone for dragging this off-topic.
 
Deebs said:
Certainly does :)
http://nginx.org/patches/spdy/
Click to expand...
Jeremy P said:
Just FWIW my production site is setup using SPDY (https, via nginx) for all logged-in members.
Click to expand...

1. Is there a binary repo for debian with nginx+spdy? Don't fancy performing a source compile

2. How do you manage to have https for logged-in members? Do you set the logon page somewhere in options to https and they remain via https after that? Haven't seen anywhere to be able to designate url for logon page(s).
 
Mouth said:
1. Is there a binary repo for debian with nginx+spdy? Don't fancy performing a source compile

2. How do you manage to have https for logged-in members? Do you set the logon page somewhere in options to https and they remain via https after that? Haven't seen anywhere to be able to designate url for logon page(s).
Click to expand...
1) Chris Lea has built an nginx-devel package with SPDY. https://launchpad.net/~chris-lea/+archive/nginx-devel You could use that until it's in core.

2) Custom code, which unfortunately I won't be releasing. I just serve the whole site over https now since Adsense and everything works.
 
One interesting thing I just noticed about SPDY... it will use the same connection for multiple hosts (even if they are completely different domains) if it can. I think "if it can" entails the same SSL certificate on the same front-end gateway.

For example, all the digitalpoint.com sub-domains share the same SPDY connection with dpstatic.com sub-domains (my cookieless domain for serving static content). I assume it's to eliminiate the SSL handshake needed for each host when it's not necessary.

Everything related to Google seems to be using SPDY these days (Google search, Gmail, Google Analytics, AdSense, YouTube, Google+, etc.), as is Twitter and most everything by Automattic (WordPress domains, Gravatar, etc.)

Image%202013.01.08%2011:59:48%20AM.png
 
If you run Chrome, type this on the address bar to check SPDY status chrome://net-internals/#spdy
You can also use this site to check http://spdycheck.org/

I just get spdy installed and working on my site. Too bad nginx can only support up to spdy/2
If you look at the picture above, everything from Google is using spdy/3.
 
We actually *just* migrated from Apache to Nginx a few weeks ago (at the same time we migrated to XenForo). Litespeed wasn't even in the running for evaluation for me because I wanted something with SPDY support.

I remember looking at Litespeed a few years ago and it wasn't bad... In fact for some things it was the best option. But it didn't do anything remarkably better, so the cost of the enterprise version was an issue also. Maybe now it does stuff much better, but for *me*, the fact that SPDY protocol support isn't an option at all makes Litespeed not an option at all for me.
 
digitalpoint said:
We actually *just* migrated from Apache to Nginx a few weeks ago (at the same time we migrated to XenForo). Litespeed wasn't even in the running for evaluation for me because I wanted something with SPDY support.

I remember looking at Litespeed a few years ago and it wasn't bad... In fact for some things it was the best option. But it didn't do anything remarkably better, so the cost of the enterprise version was an issue also. Maybe now it does stuff much better, but for *me*, the fact that SPDY protocol support isn't an option at all makes Litespeed not an option at all for me.
Click to expand...


Thanks, I been considering Nginx as of late, the 8 core monthly license fee is something I can do without considering they been dropping the ball lately on new technology support like SPDY. I do like the built in intergration Litespeed offers with CloudLinux and CageFS right under the hood as I use it for shared forum hosting. But the 8 core monthly fee is making me start to consider other options.
 
Yeah, when I looked at it some years ago, the Litespeed licensing was going to cost us somewhere around $30,000/year. It definitely didn't do anything $30,000 better even back then. :) But yeah... it seems to slowly have been falling behind Nginx technology-wise the last couple years as well, so...

Also, I can't say enough good about Nginx developers. Any issues we've had that we reported has always resulted in a patch within hours (literally) from Nginx developers and incorporated into the branch.
 

Similar threads

hello2029
XF 2 Xenforo & Nextcloud
Replies
0
Views
871
hello2029
hello2029
aidanohart
  • Question Question
Xenforo as an OAuth2 service
Replies
4
Views
1K
⭐ Alex ⭐
⭐ Alex ⭐
Ozzy47
[OzzModz] Security Lock Old Accounts
2 3
Replies
58
Views
3K
Ozzy47
Ozzy47
Dannymh
XF 2 Id Verification with Veriff integration [Paid]
Replies
0
Views
354
Dannymh
Dannymh
DaveM
  • Question Question
XF 2.2 New Member Cannot See Forum Nodes
Replies
11
Views
411
AndrewSimm
AndrewSimm
Top Bottom