Hi! I'm a new member here (been a lurker for a while) so my apologies if this has come up before. I saw this mentioned over in
this thread earlier this year but couldn't find a direct thread on this question.
Has there been discussion on adding TLS (HTTPS) support to ArcadeControls -- both the main website and forum?
Services like
Let's Encrypt now exist and offer completely free certificates; this removes the cost barrier that once existed. Besides allowing users of the forum to authenticate (eg, login) securely without potentially compromising their credentials, it is really important that users of this site/forum aren't susceptible to man-in-the-middle attacks when using the site on untrusted networks (eg, coffee shops, hotels, etc). Additionally, browsers very soon will stop allowing users to navigate to http sites in the near future --
Google is pushing the entire web (via Chrome) to enable HTTPS everywhere. Chrome now shows a "Not Secure" message next to the URL bar and at a later date, users will likely be getting warning pages telling them that the site they are trying to visit is not secure (similar to what you get today with a bad certificate).
Here is more information on why this is important:
-
https://www.troyhunt.com/heres-why-your-static-website-needs-https/-
https://scotthelme.co.uk/https-anti-vaxxers/I'm happy to help the admin(s) here with this as I have experience getting this setup in this area.