I've done a bit of fiddling about on the server, and I've managed to make it so that the forums supports both HTTP and HTTPS protocols. HTTP is how you've been browsing the forums all this time, and it's very insecure, since everything (usernames, emails, passwords, etc) is send in the clear between your computer and the server.
HTTPS on the other hand, sets up an encrypted connection, and all data is effectively scrambled by your computer and then unscrambled at the server. The idea being that someone trying to snoop on your data cannot unscramble it easily.
However, the problem with HTTPS is that it requires a signed certificate, which costs money, and there are various flaws with the system. The only other alternative (which is what I've implemented) is to have a self-signed certificate, and this isn't as secure. However, in 99% of cases, this insecurity probably won't matter to you, so the compromise is worth it (any security is better than no security). It does mean that when you first visit the site, your browser will probably alert you to warn you about the "invalid" certificate. If you add an exception to this certificate, the site should work fine from that point onwards.
If you wish to use the encrypted version of the site, just point your browser at: https://atheistforums.org
Enjoy!
For the tech-savvy:
Here is certificate information if you want to check it corresponds to what the server is sending you (useful for detecting man-in-the-middle attacks).
Public Key Algorithm: RSA (2048 bit key)
Public Key:
Signature Algorithm: SHA-256 with RSA
Signature:
SHA1 Fingerprint:
MD5 Fingerprint:
HTTPS on the other hand, sets up an encrypted connection, and all data is effectively scrambled by your computer and then unscrambled at the server. The idea being that someone trying to snoop on your data cannot unscramble it easily.
However, the problem with HTTPS is that it requires a signed certificate, which costs money, and there are various flaws with the system. The only other alternative (which is what I've implemented) is to have a self-signed certificate, and this isn't as secure. However, in 99% of cases, this insecurity probably won't matter to you, so the compromise is worth it (any security is better than no security). It does mean that when you first visit the site, your browser will probably alert you to warn you about the "invalid" certificate. If you add an exception to this certificate, the site should work fine from that point onwards.
If you wish to use the encrypted version of the site, just point your browser at: https://atheistforums.org
Enjoy!
For the tech-savvy:
Here is certificate information if you want to check it corresponds to what the server is sending you (useful for detecting man-in-the-middle attacks).
Public Key Algorithm: RSA (2048 bit key)
Public Key:
Code:
C3 80 7B 6B E6 93 29 AE 80 1A 08 D6 D9 A3 BA BF 0D 29 15 A5 04 BB FA 9C D8 91 22 CF 40 89 44 DE 97 0A 8D 9C F4 F2 50 5A D6 63 AB BD 36 71 58 15 3E 83 F8 D6 14 E1 A0 A2 09 B8 68 F4 91 DA E1 22 17 1C 51 86 93 6E C6 40 87 9E 6A 99 79 AA C1 32 02 71 02 DF DF 1A 1A DC BB C8 3A A9 73 27 43 06 66 70 DA 63 32 44 FC 0E C0 8D B2 C5 BF 78 7A 5C EB B3 42 B2 99 44 00 96 C5 06 AE 8E F2 61 B8 7B 28 23 AE 8C FD 67 BD 77 72 3D EE EB 72 07 00 87 B9 F6 29 C6 9D 9D 4C EF 44 7C AF 2F CB EB 1C 5B E8 4E 6F 27 5D 28 9C 99 9B 8F 11 71 FF ED 37 F5 59 71 00 EE 4F A2 C4 DA 3D 93 49 03 B8 58 F4 06 BA A8 8D C9 A6 6B 9F 81 45 D7 9C 8B 35 94 FD C6 DC 1E 6B FE BD 42 F0 BD 95 87 2D 3B 91 C3 F9 E8 F7 DB 0D EA CF F6 91 CE 5A A8 9D CF 31 F1 E5 A8 75 83 C4 6F 16 8D E5 44 71 14 94 7C E4 66 A8 EDSignature Algorithm: SHA-256 with RSA
Signature:
Code:
97 E7 0A CA 43 AA E4 3E 5D 4D 4C A0 90 54 94 F3 83 3D 78 68 B5 FC A8 21 31 A8 FE 8B 3F 4F 19 F3 9A 33 08 FC 25 57 6A 9E 9B A8 98 21 33 2B 64 03 50 D1 D5 4B CE 38 FC 60 09 58 AE 47 AC 47 0E 3E 8B CB 3A 9C 28 01 6C 11 C5 B4 E3 1E 89 35 59 62 E2 F4 00 A9 92 A8 21 FA 9D EA 2F 0C 44 16 4A 57 A4 44 F8 13 30 DC B4 14 3D B7 A3 44 3A 50 B5 99 4E 29 D5 15 27 A8 68 85 63 69 7C 92 9F 46 D6 7F 2A 9C 52 9C 13 B3 83 71 FF F7 AE F4 BB B4 A7 53 DF 87 2A BA BD BD DB 32 AF B0 23 07 3A 5B F3 8E 86 02 43 4C 4C FD 34 BF 87 40 17 37 B4 BE C5 AF A4 5F 62 DC A9 E9 CE FD 5F 9C E0 E9 1E CB 78 5D 57 7A E3 43 D8 39 93 F0 60 CB 03 A1 23 4B 71 BE 74 FB 88 2D A5 93 56 D9 18 7B 86 4E BB 48 8F 3B BE 31 7B 89 5B 2B 1D 17 63 47 C5 8D 61 9F 81 6E C9 7F F5 6D E9 BC CE 6B 08 49 A7 49 1C B6 E1 C3SHA1 Fingerprint:
Code:
D9 C8 DE 91 D9 A4 AF B8 9F F7 53 DE 88 F5 2A A3 CA 51 C9 59MD5 Fingerprint:
Code:
A7 93 80 97 10 26 BB C6 E7 A6 A6 5B 83 CD E4 20
![[Image: excellentq.jpg]](https://images.weserv.nl/?url=img96.imageshack.us%2Fimg96%2F9753%2Fexcellentq.jpg)
