Loading


Advertisement:

Author Topic: New Plugin HTTPS Workaround  (Read 225 times)

cartagena68

  • Hero Member
  • *****
  • Posts: 971
New Plugin HTTPS Workaround
« on: February 16, 2017, 01:14:45 am »
This plugin will avoid google chrome insecure site warning in login and register pages for http sites
( https://security.googleblog.com/2016/09/moving-towards-more-secure-web.html ). 

This plugin will work only for google chrome browser, the others browsers will behave as usual.
This plugin is a  solution if you can't or do not want to buy a SSL certificate at the moment.


The plugin is available in the market    https://market.osclass.org/plugins/https-workaround_804
« Last Edit: February 16, 2017, 01:18:52 am by cartagena68 »

Aficionado

  • Hero Member
  • *****
  • Posts: 3972
  • Good things come to those who wait
Re: New Plugin HTTPS Workaround
« Reply #1 on: February 16, 2017, 05:09:47 pm »
Keep in mind that SSL are now FREE (two of them) and there is no need to buy anything.

cartagena68

  • Hero Member
  • *****
  • Posts: 971
Re: New Plugin HTTPS Workaround
« Reply #2 on: February 16, 2017, 05:27:50 pm »
Where you can find free SSl?

Aficionado

  • Hero Member
  • *****
  • Posts: 3972
  • Good things come to those who wait
Re: New Plugin HTTPS Workaround
« Reply #3 on: February 16, 2017, 05:46:03 pm »
Where you can find free SSl?

Most hosting providers offer this. With one click. I use Let's Encrypt SSL for all my sites now and also my provider offers a second free option also with Comodo SSL.

https://blog.mddhosting.com/2016/12/cpanel-autossl-free-ssl/

http://www.mddhosting.com/support/knowledgebase/16/How-do-I-get-an-SSL-certificate-and-how-do-I-use-it.html

Took me 10 minutes to turn 5 Osclass and 4 Wordpress to https: (well i had to fix some http hard coded in Osclass themes and plugins and also ALL Wordpress inline images, and that was extra work to avoid mixed content).


« Last Edit: February 16, 2017, 06:40:30 pm by Aficionado »

Liath

  • Sr. Member
  • ****
  • Posts: 435
  • #Kurt_Cobain { margin-bottom: -6.5ft; }
Re: New Plugin HTTPS Workaround
« Reply #4 on: February 16, 2017, 06:17:02 pm »

_CONEJO

  • Administrator
  • Hero Member
  • *****
  • Posts: 4340
Re: New Plugin HTTPS Workaround
« Reply #5 on: February 16, 2017, 09:09:38 pm »
If you have SSH access (or permissions to run any program), you could use certbot (and put it on cron so it auto renews your certificates too) : https://certbot.eff.org/

If you are using docker, you could use jwilder/nginx-proxy + JrCs/docker-letsencrypt-nginx-proxy-companion , again, autorenew

If you are in a shared hosting or without the ability to run certbot, you should ask your hosting company to do that for you (IT'S FREE with letsencrypt), some (good) companies already offer this option.

You could always pay for a SSL certificate if you want (or need) to

Aficionado

  • Hero Member
  • *****
  • Posts: 3972
  • Good things come to those who wait
Re: New Plugin HTTPS Workaround
« Reply #6 on: February 16, 2017, 09:39:39 pm »
If Cpanel is available, it is two clicks to install SSL.


Liath

  • Sr. Member
  • ****
  • Posts: 435
  • #Kurt_Cobain { margin-bottom: -6.5ft; }
Re: New Plugin HTTPS Workaround
« Reply #7 on: February 16, 2017, 09:59:03 pm »
same for plesk  ;D

cartagena68

  • Hero Member
  • *****
  • Posts: 971
Re: New Plugin HTTPS Workaround
« Reply #8 on: February 17, 2017, 03:10:06 am »
@ _CONEJO
I didn't know about the free ssl certificate
you think is better if i delete the plugin from market?

And i see a bug in the oc-admin update page, the JSON request for the osclass version is http://osclass.org/latest_version_v1.php?callback=?
and not https so if you are in https domain the update button is blocked

_CONEJO

  • Administrator
  • Hero Member
  • *****
  • Posts: 4340
Re: New Plugin HTTPS Workaround
« Reply #9 on: February 17, 2017, 10:30:15 am »
Not everyone is able to get a SSL for their website (yet), so I think it's ok to be in the market.

cartagena68

  • Hero Member
  • *****
  • Posts: 971
Re: New Plugin HTTPS Workaround
« Reply #10 on: February 17, 2017, 04:07:52 pm »
Not everyone is able to get a SSL for their website (yet), so I think it's ok to be in the market.

Ok, thank you.
You read about the update page in oc-admin?