search

keiffster / program-y

Python 3.x based AIML 2.0 Chatbot interpreter, framework, related programs and knowledge files
https://keiffster.github.io/program-y/
Other
348 stars 138 forks source link

Getting a secure connection between the web client and the bot #134

Closed pranavlal closed 6 years ago

pranavlal commented 6 years ago

Issue tracker is ONLY used for reporting bugs. NO NEW FEATURE ACCEPTED! Use stackoverflow for supporting issues. Is it possible to use TLS between my bot and its web interface?

I understand that Google Chrome is going to be flagging insecure sites from July 2018. I have cisobot hosted on the web using the web client that comes with program-y. Can I establish a secure connection?

Expected Behavior

I should be able to run the bot over a https link.

Current Behavior

The communication between the bot and program-y is in plain text.## Possible Solution

I am concerned about browsers beginning to flag my bot's website as insecure. I understand that Google Chrome will start doing this from July 2018.

Steps to Reproduce

  1. Visit http://cisobot.in
  2. You will find that the communication is in plain text.

I am running program-y on a digital ocean droplet running Ubuntu 16.04.

keiffster commented 6 years ago

I do this already and will be writing up the instructions in the next few days

Basically you host a web server, I chose nginx, and the only per you expose is 443, then use Nginx to port forward to the port your bot is on. You can then use certbot to create a free cert and run it in the server and just keep you bot on local host on http

pranavlal commented 6 years ago

Hi, I like the idea and await your instructions with interest. I have used nginx before so this should be easy to do.