search

thegreenwebfoundation / greencheck-api

The green web foundation API
https://www.thegreenwebfoundation.org/
Apache License 2.0
9 stars 3 forks source link

Remove http:// api and let it use https always #49

Open arendjantetteroo opened 4 years ago

arendjantetteroo commented 4 years ago

We currently provide the api on both http and https. Given the privacy implications and for caching practices we should move everything to https.

It's unclear which sites/extension still use the non secure one, i think our current extensions are all on the secure one by default.

Lets see if we can redirect to https with keeping the systems that use it still working.

arendjantetteroo commented 4 years ago

@mrchrisadams https://certbot.eff.org/docs/using.html#dns-plugins

Lets figure out which one is free and we should use. Any objections on cloudflare?

arendjantetteroo commented 4 years ago

Next date this will expire : Your certificate (or certificates) for the names listed below will expire in 19 days (on 03 Jun 20 13:11 +0000). Please make sure to renew your certificate before then, or visitors to your website will encounter errors.

mrchrisadams commented 4 years ago

None for using cloudflare - let's use them.

arendjantetteroo commented 4 years ago

Ok, i will see if i can take care of this first step saturday :)

arendjantetteroo commented 4 years ago

Cloudflare registered, waiting for dns server transfer from eurodns. Once that's done we can install the certbot plugin and make the certificates automatic.

And then figure out a way to phase out the old http api.

arendjantetteroo commented 4 years ago

@mrchrisadams looks like the new profiles at eurodns are not applied :(

mrchrisadams commented 4 years ago

Hey @arendjantetteroo can you DM with me with some details on how to log into the cloudflare admin? I don't think I have log in deets, and would like to try switching this over tonight.

mrchrisadams commented 4 years ago

Okay, I see the issue. neither of us have the necessary privileges to update the name servers.

We'll need to coordinate with Rene for this one.

mrchrisadams commented 4 years ago

Here's the link for reference.

https://help.eurodns.com/s/article/how-do-i-update-the-name-servers-of-my-domain?language=en_US

I think only an account with sufficient privileges gets to see these options:

In your account go to DOMAIN NAMES > ACTIVE. Move the cursor over the concerned domain and click on Manage on the right. Click on UPDATE NAME SERVERS.

arendjantetteroo commented 4 years ago

So cloudflare is now functioning, we still need to setup the certbot with the cloudflare plugin. We got until 3 june to do that.