Closed yihui closed 6 years ago
clauswilke
commented
6 years ago It turns out I just had to update my IP address for github pages. This should be working fine by tomorrow.
Do you recommend enforcing HTTPS at all times? Seems overkill for a site that serves publicly available static content.
yihui
commented
6 years ago Yes, I strongly recommend enforcing HTTPS at all times, even for static sites. Many reasons for that (you may google for them), but the most obvious one to your readers will be this (you probably don't want your website to be marked as "❗️Not secure"): https://security.googleblog.com/2018/02/a-secure-web-is-here-to-stay.html
If the book is hosted via Github Pages, you might need to push a commit to expedite the generation of the SSL certificate.
mikeloukides
commented
6 years ago It's a pain, but I really do think all sites need to move to HTTPS. There have been some good posts about that recently, specifically about small static sites, and why even they need to move.
The problem is basically that with HTTP, you're exposed to man in the middle. And with the current FCC, that man in the middle who's corrupting your site could even be completely legal: your ISP, or your reader's ISP, could decide it wants to inject ad content. To say nothing of what people and organizations with even less ethics than Comcast and AT&T might do.
Mike Loukides VP, Content Strategy O'Reilly Media, Inc.
On Fri, Jul 20, 2018 at 11:15 AM, Yihui Xie notifications@github.com wrote:
Yes, I strongly recommend enforcing HTTPS at all times, even for static sites. Many reasons for that (you may google for them), but the most obvious one to your readers will be this (you probably don't want your website to be marked as "❗️Not secure"): https://security.googleblog. com/2018/02/a-secure-web-is-here-to-stay.html
If the book is hosted via Github Pages, you might need to push a commit to expedite the generation of the SSL certificate.
— You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub https://github.com/clauswilke/dataviz/issues/34#issuecomment-406631823, or mute the thread https://github.com/notifications/unsubscribe-auth/AAZPVnNElta9SODyYCVoMUyEqEezsyi5ks5uIfQSgaJpZM4VXfhW .
yihui
commented
6 years ago I see https://serialmentor.com/dataviz/ is working now. Excellent! Thanks!
clauswilke
commented
6 years ago Thanks to both of you for your comments. I’ve disabled http.
Hi Claus, I wonder if it is too much trouble for you to enable HTTPS for your website https://serialmentor.com/dataviz/ (you may consider Netlify if you have not used it). I'm asking because I wish to list this book on the homepage of bookdown.org. Thank you!