Site Issues

[emky]

stars-in-shadow.com hadn't been working for me for a while. HTTPS version of the site still refuses to load. Just a few moments ago, I clicked a link that explicitly brought me in http (not encrypted https) and found it loading. I was getting worried about the devs/state of the game (and loss of some of the mods in the forums I still want to try) with the site not loading.

[Arioch]

The website doesn't support HTTPS and I don't think it ever has. I'm not sure that it really needs to, since we don't conduct any financial transactions or the like.

[AMX]

FWIW:

Some browsers now default to https, and display an error message instead of trying http.
Not the site's fault, but potentially bad for business.

Forum members who reuse their password are at greater risk if the connection is not encrypted.

And kinda out there:
While you don't do any transactions through the website, you do have links to Steam and GoG - a MITM attack could rewrite the links to point to a fake storefront.

So while it's probably not really important, I do think https support would be useful.

[emky]

Right. Browsers are now pushing HTTPS only. It's not the default yet, but will be soon.

If you want ease of adding HTTPS to your site, you can check out https://letsencrypt.org/

Article about it: https://arstechnica.com/gadgets/2021/09 ... re-plugin/