Closed chantra closed 5 years ago
Mikaela
commented
5 years ago Is there a particular reason why Cloudflare is used? I have heard many concerns about them.
If the site was hosted on GitHub pages directly, there would be a checkbox to enforce HTTPS, see Securing your GitHub pages site with HTTPS.
jelu
commented
5 years ago It's a GitHub pages site, will look at this tomorrow.
jelu
commented
5 years ago I think the reason @chantra mentioned Cloudflare is because the domain is hosted there.
We need to change the A record(s) in order to get HTTPS working and it might take some time since it's holiday season etc.
jelu
commented
5 years ago Apparently it is fronted by Cloudflare (didn't know) and HTTPS works now.
Mikaela
commented
5 years ago I noticed the Cloudflare fronting from IPv6 addresses and checked the GitHub pages documentation in hope that they had started supporting IPv6 and I just hadn't set the records, but the IPv4 addresses were also different
jelu
commented
5 years ago @oerdnj can you look at v6 support?
the website can be accessed under http://dnsflagday.net/ and does not redirect to HTTPS.
I would be nice to enforce HTTPS. CF seems to provide an easy way to do that.
Additionally, there seems to be a few places where we should default links to HTTPS instead of HTTP. I have #118 out, but it seems the 2019 page also has http links that could be changed to https.