StreamingSoundtracks
VIP
Subscribe to become a VIP member of SST!

· Request More Often
· Unshared Requests
· Request Countdown Timer
· Request Ready Indicator
· Your Request History
· Access To The VIP Forum
· Add More Favorites

:: Click Here To Upgrade ::

:: Give VIP as a Gift ::

Listen Live!

Follow Us

Donation Meter


Make donations with PayPal!
Monthly Goal:
$500.00

Need:
$187.62

10 Donations:
$312.38

StreamingSoundtracks.com (Jul-4) paul4opus $15.00
Death.FM (Jul-2) SeclusionSolution $6.66
StreamingSoundtracks.com (Jul-2) MorG $5.00
Death.FM (Jul-2) JERIC $1.00
StreamingSoundtracks.com (Jul-2) JERIC $1.00
1980s.FM (Jul-2) JERIC $1.00
Adagio.FM (Jul-2) JERIC $1.00
Entranced.FM (Jul-2) JERIC $1.00
Death.FM (Jul-1) osiris $10.00
Entranced.FM (Jul-1) Seclu $270.72


 


Last Month's Donors
Entranced.FM (Jun-23) Anonymous $25.00
Death.FM (Jun-13) shru $50.00
1980s.FM (Jun-9) shru $10.00
StreamingSoundtracks.com (Jun-7) Shru $50.00
Death.FM (Jun-2) osiris $10.00
Entranced.FM (Jun-2) SoNiA $25.00




Search

 


Securing the website with HTTPS/SSL
Goto page 1, 2  Next
 
Post new topic   Reply to topic    StreamingSoundtracks.com Forum Index -> Ideas
View previous topic :: View next topic  

Would you prefer secure SST content through HTTPS/SSL over the current insecure one?
Yes, security is always important
64%
 64%  [ 18 ]
Yes, sounds useful
32%
 32%  [ 9 ]
No, I prefer insecure communication
3%
 3%  [ 1 ]
Total Votes : 28

Author Message
Atanamo
Cadet 1
Cadet 1


Joined: Nov 06, 2006
Posts: 3

PostPosted: Wed May 19, 2021 7:18 am    Post subject: Securing the website with HTTPS/SSL Reply with quote

The last few years clearly show an increasing focus of browsers and other platforms on security by HTTPS (SSL/TLS).
At the same time, technical barriers for supporting SSL/TLS came down, thanks to LetsEncrypt, for example.

The insecure HTTP protocol will probably become obsolete in the long term. HTTP websites are already disadvantaged, for example by Google search.

And there are numerous technical limitation in mixing HTTPS content with HTTP.
For example, this means that the SST radio stream cannot be embedded in an HTTPS page.

So SST is hindering its own accessibility on the web so far.

Thus, I definitely suggest HTTPS/SSL support - for website and radio stream. Very Happy
The time for this is overdue. Wink
Back to top
View user's profile Send private message Visit poster's website
Dragonel
Vice Admiral (Moderator)
Vice Admiral (Moderator)


Joined: Jul 16, 2008
Posts: 420
Location: Dragonia, US

PostPosted: Wed May 19, 2021 10:48 am    Post subject: Reply with quote

There are a lot of other website changes / requests that haven't happened over the years due to everyone involved having real lives, and other reasons most old-timers know well.

In that context, my thought is that the second option really means "Yes, but not more important than other updates we need or want" and I have chosen it in that spirit.
_________________
If you can't stand the heat, don't tease a dragon
Back to top
View user's profile Send private message
MojoPin
Vice Admiral (Moderator)
Vice Admiral (Moderator)


Joined: Jan 16, 2004
Posts: 718
Location: Texas

PostPosted: Wed May 19, 2021 3:56 pm    Post subject: Reply with quote

Every time I'm here, my browser reminds me that the site hasn't been updated to HTTPS with this warning message attached to the login box:
"This connection is not secure. Logins here could be compromised."
SST is the only place I visit regularly which still triggers this "hey it's outdated" alert from my browser.

I concur that we're in serious need of some updates/upgrades, but those are dependent on Jeric or Admin having time to do big overhauls, and as Dragon already pointed out, real world is time-consuming.

So, I voted 'yes' under the second option, for same reasons.
Back to top
View user's profile Send private message
607
Lieutenant
Lieutenant


Joined: Sep 19, 2018
Posts: 222
Location: Amersfoort

PostPosted: Thu May 20, 2021 3:02 am    Post subject: Reply with quote

Yes, I think it's important. I personally don't think the protection itself is too important, but many browsers and indeed Google too do hold websites that do not offer it in bad regard. As such, it is important to attract and keep new users to have https enabled.
Should it be troublesome? I'm no expert, but I enabled SSL protection for my own websites in less than an hour, if I recall correctly. Maybe things are more complicated for SST? Or has nobody with access to the hosting simply taken the time to look into it? Is that just JERIC, by the way?
Thanks for raising the issue, Atanamo. Smile
Back to top
View user's profile Send private message Visit poster's website
Atanamo
Cadet 1
Cadet 1


Joined: Nov 06, 2006
Posts: 3

PostPosted: Thu May 20, 2021 6:43 am    Post subject: Reply with quote

Well, since I'm also a server admin, I know that it's really not that complex.
(Although I don't know much about streams.)

And of course it depends on how well maintained the servers are. If the versions are not up to date, there are usually other tasks that eat up a lot more time.

If necessary, I can also offer my help. Wink
I would have fun to contribute here.
Back to top
View user's profile Send private message Visit poster's website
Finnster
Lieutenant Junior Grade
Lieutenant Junior Grade


Joined: Oct 12, 2010
Posts: 53
Location: Atlanta

PostPosted: Thu May 20, 2021 7:51 am    Post subject: Reply with quote

Having the site secure would allow for more interaction I would think.
Back to top
View user's profile Send private message Visit poster's website
607
Lieutenant
Lieutenant


Joined: Sep 19, 2018
Posts: 222
Location: Amersfoort

PostPosted: Sat Jun 12, 2021 6:25 am    Post subject: Reply with quote

Is there someone we should contact about this? Maybe someone could talk to JERIC about it?
Back to top
View user's profile Send private message Visit poster's website
molossus
Rear Admiral (Ambassador)
Rear Admiral (Ambassador)


Joined: Aug 09, 2005
Posts: 3327
Location: Warsaw & once in a blue moon Szczecin (Poland)

PostPosted: Sat Jun 12, 2021 4:45 pm    Post subject: Reply with quote

JERIC knows about the idea brought up in this topic.
_________________
<i>"The piano keys are black and white,
But they sound like a million colors in your mind"</i>
(from "Spider's Web" by <a href="http://katiemelua.com/music/#KatieMelua">Katie Melua</a>)

Avatar is from work of art by Drew Struzan
Back to top
View user's profile Send private message Send e-mail
607
Lieutenant
Lieutenant


Joined: Sep 19, 2018
Posts: 222
Location: Amersfoort

PostPosted: Sun Jun 13, 2021 4:04 am    Post subject: Reply with quote

molossus wrote:
JERIC knows about the idea brought up in this topic.

Good, thanks!
Back to top
View user's profile Send private message Visit poster's website
607
Lieutenant
Lieutenant


Joined: Sep 19, 2018
Posts: 222
Location: Amersfoort

PostPosted: Fri Sep 03, 2021 7:57 am    Post subject: Reply with quote

I think someone should try for 3 hours to get this set up. If it can't be done within that time, apparently it requires more thought and effort. But maybe it can, and then it would be well worth the time, I think.
Back to top
View user's profile Send private message Visit poster's website
jeniferajee
Cadet 1
Cadet 1


Joined: Oct 11, 2021
Posts: 1

PostPosted: Mon Oct 11, 2021 1:03 am    Post subject: Reply with quote

SSL stands for Secure Sockets Layer and is the protocol that keeps your browser session secure. Having an SSL certificate is what adds the “S” to “HTTP.” SSL certificates are what make your browser session secure. We know that “privacy” and “security” are the hottest buzzwords around the IoT these days, but this is no mere trend—SSL is something you should absolutely have. In fact, Google has increasingly demanded SSL certificates since about 2016

Edited to remove spam link. -Morg
Back to top
View user's profile Send private message
607
Lieutenant
Lieutenant


Joined: Sep 19, 2018
Posts: 222
Location: Amersfoort

PostPosted: Tue Feb 22, 2022 10:23 am    Post subject: Reply with quote

jeniferajee wrote:
SSL stands for Secure Sockets Layer and is the protocol that keeps your browser session secure. Having an SSL certificate is what adds the “S” to “HTTP.” SSL certificates are what make your browser session secure. We know that “privacy” and “security” are the hottest buzzwords around the IoT these days, but this is no mere trend—SSL is something you should absolutely have. In fact, Google has increasingly demanded SSL certificates since about 2016

Edited to remove spam link. -Morg

Even the spambots know it... I wonder what the link was for, though? You can get an SSL certificate for free, through https://letsencrypt.org/.
Back to top
View user's profile Send private message Visit poster's website
delusion_
Cadet 1
Cadet 1


Joined: May 07, 2002
Posts: 3
Location: San Diego, CA

PostPosted: Tue Dec 13, 2022 2:54 pm    Post subject: Reply with quote

This should probably be a priority for SST - most browsers are defaulting now to HTTPS-only mode - and will warn/prevent connecting to HTTP sites.

SST could use a service like CloudFlare to easily get a free SSL cert/proxy traffic.
Back to top
View user's profile Send private message Send e-mail
philk
Ensign
Ensign


Joined: May 01, 2004
Posts: 43

PostPosted: Tue Apr 25, 2023 6:38 am    Post subject: Reply with quote

I agree it should be upgraded. The would also allow me to remove the excemptions from my iOS app for non-secure http traffic.
Back to top
View user's profile Send private message
philk
Ensign
Ensign


Joined: May 01, 2004
Posts: 43

PostPosted: Fri Feb 09, 2024 10:39 am    Post subject: Reply with quote

Any work being done here?
Back to top
View user's profile Send private message
Display posts from previous:   
Post new topic   Reply to topic    StreamingSoundtracks.com Forum Index -> Ideas All times are GMT - 5 Hours
Goto page 1, 2  Next
Page 1 of 2

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum



Forums ©
Copyright © 2001-2026 24seven.FM, LLC. All rights reserved.
The 24seven.FM Network — Community Supported Internet Radio.

[ About Us ] | [ Contact ] | [ Privacy Policy ] | [ Terms of Service ]

Page Generation: 0 Seconds