New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Comments
True, not anymore. Five days ago they were still HTTPS links.
Quick update. I just received a response from mkpossen, it appears the SSL transition is, at least for the moment, postponed.
Just read the thread.
http://www.sslshopper.com/ssl-checker.html#hostname=lowendtalk.com
The biggest problem I see here is
The certificate was issued by GoDaddy.
and also that it should be renewed soon
The reason mentioned was still buysellads.
Any news on that topic, @mkpossen?
Thanks
From what I understood the last time there wont be SSL any time soon.
Voting "pro" SSL/HTTPS. There ain't too much security.
My main concern is the non-encrypted log in and change password screens. Everything else would be still possibly vulnerable to session hijacking but thats a different story.
I am not quite sure about the reason why buysellads is posing a problem in the SSL migration as they seems to work fine with it (for a while the ads here were even transported via SSL).
@mpkossen
why dont you just say it wont happen anytime soon? we are holding on false hopes here.
maybe because we aren't in the 90s anymore - and https will have to come here too, someday...
I dont think we still need to have false hopes
And we got an expired certificate in the house
@mpkossen @Spirit @jbiloh @SysAdmin
Possibly any news on this subject? Thanks
The fact you've posted the last 3 posts in this thread over the course of 13 days without any other response suggests it might just be time to let this one go...
Well, I dont think that HTTPS is such an unreasonable request these days. It has been mentioned several times that there is some problem with the used ad service provider, but without further clarification on what exactly.
Especially considering that HTTPS is already in place (even though now it could do with a certificate renewal) and would not require any additional configuration it should be fairly easy to "enable" it.
Of course there could be some mysterious unknown show-stopper, but then some sort of response would be nice (and no, silence, I would not call an implicit response ), and if only for courtesy.
Well what do you suggest, that we take shifts in bumping this thread?
Given the recent surveillance and other privacy related news I am for one happy that someone does not give up on this and takes time to ask for at least some update.
Sometimes the paranoid in me thinks some US folks are practically not allowed to enable some security features in their software/websites.
I thought it was simply that the advert provider's placement code doesn't support https; is there supposed to be more to it than that?
If others are serious about it, why not? Right now it looks like just one person still gives a shit.
That was never clarified and right now LET actually uses (and already briefly used in the past) HTTPS to deliver advertisements.
Well the ads are served by BuySellAds, and they state in their site that the ad code doesn't work - obviously the ads come through to the end user when viewing the site via HTTPS, so logically that suggests the problem will be that https click-throughs aren't registered.
Are you just waiting for someone to officially say that?
I assume you mean http://support.buysellads.com/knowledge_base/topics/does-your-ad-code-work-in-https-pages
It is still not clear what they mean by that. The advertisements are currently clearly served via HTTPS.
I am afraid I am not sure what you are trying to say here. Can you please rephrase.
n/m
Not really. I can't think of another way to say it, sorry.
If the ads are successfully displayed on HTTPS why would it be logical that subsequent clicks are not registered?
And again, the ads are currently served via HTTPS.
Yes they are, however as part of HTTPS you loose some header and other refferal data when clicking through no? Thus it would bork the tracking/click data.
At least I think thats the case - Yoast explains what I mean well. https://yoast.com/web-https/
Because certain elements of might be lost over HTTPS. I've actually been trying to prove this for the last 20 minutes, but Firefox is a bitch with sites without a valid SSL cert. Going to big up another HTTP analyser for Safari so I can see if there's a difference in what goes over in the request between HTTP and HTTPS.
HTTPS->HTTPS referrer data is not lost. The problem only arises if the site uses HTTPS, but the ad network doesn't.
Been a while since I have messed with any in depth tracking; GA seems enough for me these days but...
1) Maybe not all of the ad network does use HTTPS?
2) If target site is http or landing page is http wouldnt that cause an end site tracking issue?
Looking forward to your findings