A More Secure Wambooli

August 21, 2017

A More Secure Wambooli

Filed under: Main — admin @ 12:01 am

Sadly, I’m familiar with alarming messages about this website. Typically, the email is from my provider who alerts me with a hacking attempt on the site — a result from their sloppy security, not mine. (Read more here.) This latest email, telling me that my site is insecure, was from goliath Google itself.

I know that the site isn’t “secure” in terms of how it’s accessed: The URL is http and not https, which is the more secure, encrypted form of web page access. I get prompted to pay for that upgrade when I renew the wambooli.com hosting, but because I don’t ask for financial or other sensitive information on this site, it’s not been necessary.

Then comes the message shown in Figure 1.

Figure 1. What they hey, Google?

Immediately, I thought that the site had again been hacked. Upon re-reading the message, it wasn’t. The red flag for the site are the input fields in the blog. According to the email, when someone logs into the blog in the future, and they’re using the Google Chrome web browser, they’ll see a warning. In fact, they’ll see a warning on any website that doesn’t use the https protocol. That change is bound to freak-out a lot of users.

As I sat and stewed over the message, I shook my head. Yes, it’s inevitable. I’ll have to pay the $70/year extra to get Wambooli upgraded to https protocol, not because I ever plan on asking for secure information on the site, but because I don’t want my readers freaking out when Chrome has a spaz because the site uses http.

So I purchased the certificate and had it installed. The big question looming as I write this post (Friday, August 18) is how it affects access. For example, all my links are to http://www.wambooli.com/. Will the https protocol automatically switch over the domain? Or will I have to update every link on the site?

Time passes

It’s just a few hours since I installed the SSL Certificate. Right now, I can access the site two ways: http or https. I’ll have to do some research to see how to convert it over to https. I know that if you attempt to access other https sites (Google, Facebook) that you’re switched automatically.

Also, things are still making the transition as even when I specify https as the URL some parts of the site are labeled “not-secure.”

Two days later

The site is all updated. I found the directions to install the redirect, so however you access wambooli.com, the site shown is the secure version. Now I just have to wait until October to see how this change in Chrome affects the site, or whether I need to update my other sites as well.

By the way, I’ve learned that you can disable Chrome’s secure site checking. I’ll cover that topic in October as well.

Comments Off

No Comments

No comments yet.

RSS feed for comments on this post.

Sorry, the comment form is closed at this time.

Registration
Due to an inordinate number of robot registrations, I've closed the blog to new commenters. You don't need an account to read the blog. If you'd like to make a comment, send me an email and I'll set up an account for you. Thanks!
Administuff
Recent Comments
- admin on eReal Estate
- glennp on eReal Estate
- admin on WiFi Hardware Update
- glennp on WiFi Hardware Update
- admin on The Disappearing Android Tablet
Search for: