Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

When a user visits your site with a modern browser in default configuration they'll get an error page along the lines of:

  Secure site not available

  Most likely, the web site simply does not support HTTPS.

  However, it’s also possible that an attacker is involved. If you continue to the web site, you should not enter any sensitive info. If you continue, HTTPS-Only mode will be turned off temporarily for the site.

  [Continue to HTTP site]
(Copied from Firefox on Android)

Personally I think that's reason to do it alone, for the price of a free Let's Encrypt cert you can deliver much better UX. You presumably want people to visit your site.



>When a user visits your site with a modern browser in default configuration they'll get an error page along the lines of:

Neither desktop firefox nor chrome seem to do this by default, at least on my Mac (actually I think I'm wrong about Firefox on desktop as well, thanks to a guestbook signer!). Maybe it's a Firefox mobile thing, rather than a modernity thing?

>for the price of a free Let's Encrypt cert you can deliver much better UX

I'm going to get around to it, I promise haha.

Btw if anyone does visit the site, please do sign my guestbook: http://darigo.su/33chan (but be warned, a MITM might intercept and alter your comment!!)


> Neither desktop firefox nor chrome seem to do this by default

they do, you probably just checked the "i'm sure this is safe" button

posted a pic on the imageboard hehe


As your screenshot says, you've enabled HTTPS-Only Mode - that's not the default, though, so most(?) Firefox users don't see that.


Thanks for visiting! Receiving guestbook comments is such a delight. Does Chrome also give you this warning on desktop?


nope




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: