search

EticaAI / forum

Etica.AI is concerned about long-term social & ethical implications of artificial intelligence on Africa/Latin America. Do it via grassroots acts in short-term
https://etica.ai
The Unlicense
9 stars 2 forks source link

HTTPS usage policy on Etica.AI domains #15

Open fititnt opened 7 years ago

fititnt commented 7 years ago

For now, EticaAI is using poor's man SSL, aka cloudflare SSL. I know how to configure a full reverse proxy and etc, but since here at EticaAI we are looking for more cheap and easy to mantain options, is a good idea try new thinks.

This issue is to relate discussions about using SSL in domains and subdomains of EticaAI. I hope it will also serve as a reference for other projects.

captura de tela de 2017-08-15 20-40-14 captura de tela de 2017-08-15 20-40-30

fititnt commented 7 years ago

Note: free cloudflare SSL only work until one level subdomain https://support.cloudflare.com/hc/en-us/articles/200170616-Why-am-I-getting-a-SSL-mismatch-error-

captura de tela de 2017-08-15 20-38-12

We should keep this in mind.

fititnt commented 7 years ago

Always use HTTPS / Redirect all requests with scheme "http" to "https". This applies to all http requests to the zone. disabled

HSTS (for subdomains): disabled

No patience to set everything up. Problems with #26 . Cloudflare does not allow fine tuning by subdomain.