Potato Spud
As title says. IMHO there's no point, while it does damage because it prevents users to set "block mixed content in https pages" in the browser, which is an important security option for websites where encryption matters (shopping, banking, etc). I'm not saying you must go all https if there are technical issues or costs in doing so, but you could just go http then, as it's of little use if such a core part of the page is leaked out anyway
Edited by udarnel, 05 January 2018 - 10:26 AM.
Baked Potato
https is useful for protecting password security, so having the forum pages https helps with that. On the other hand, the ad revenue that (mostly) pays for batoto servers comes from ad networks that don't use https (yet). Hence we're stuck with mixed content for a while.
Discord King
Honestly, I'm not sure why img.bato.to isn't https. My guess is that when Grumpy first got tls certs, he had to pay for them and decided to just encrypt the main forum and not the subdomains. Back then, letsencrypt and mixed-content warnings didn't exist
As for why he hasn't updated to newer certs with subdomains included... probably just not worth the time and effort since it works fine.
My words are my own, and do not represent Batoto in any way, shape, or form unless otherwise stated in the post itself ^.^
Potato Spud
Probably as Dactyl said, then. If the cost of tls encryption depends on bandwith usage, it makes sense that img.bato would be by far the most expensive.
Discord King
Probably as Dactyl said, then. If the cost of tls encryption depends on bandwith usage, it makes sense that img.bato would be by far the most expensive.
Edited by Daktyl, 07 January 2018 - 07:46 PM.
double post due to internet fk up
My words are my own, and do not represent Batoto in any way, shape, or form unless otherwise stated in the post itself ^.^
Potato Spud
Community Forum Software by IP.Board
Licensed to: Vatoto!
Sign In
Create Account
Back to top