Nakiami / mellivora

Mellivora is a CTF engine written in PHP
GNU General Public License v3.0
441 stars 171 forks source link

SSL support removed from mellivora.conf #60

Closed 0x90n closed 8 years ago

0x90n commented 8 years ago

I noticed in a recent cleanup the SSL options were removed; is this functionality implemented elsewhere or for the user to input manually?

Nakiami commented 8 years ago

Hi! I assume you mean this commit? https://github.com/Nakiami/mellivora/commit/74ec33f3c4cc1c9a08de67db37ce02dc6869b22c#diff-f24af0ecd0b9e5beadd10cde17c3f4e5R46

This only means that by default the mellivora site will not force SSL on the login and register pages. If you're running your site with ssl, like https://ctf.yoursite.com/, then you can set CONFIG_SSL_COMPAT to true. If you're doing local dev, or running the site without ssl, leave it as false.