Secure all the things!
Today is a good day. A few hours ago, Let's Encrypt went from closed beta to public beta, allowing us (and everyone else) to get a free SSL certificate.
That means you can now access redstoner.com via encrypted HTTPS instead of plain text HTTP!
Although Redstoner may not be the most intimate website, there are still many reasons why encryption is important, those include protecting your privacy and protecting you from hacking, censoring, or theft attacks. Did you know anyone can take over your website accounts via HTTP on a public WiFi? Of course, global surveillance is also a reason – either directly or indirectly. Anyway, you now log in (and browse) securely!
A+ Grade Security
See the results here.
Compare that to Google:
Why am I logged out?
Sorry for that, I had to kick everyone out to make sure your insecure sessions are no longer valid. Otherwise there was a change your website account could still be taken over. That's not going to happen again, however.
Redirect to HTTPS
From now on, any attempts to connect to Redstoner via HTTP will be redirected to HTTPS, so you don't have to do anything.
We're also redirecting from subdomains (such as www.redstoner.com) to redstoner.com to keep things simple.
We're also using HTTP Strict Transport Security so your browser will remember that redirection. It will automatically switch to HTTPS even before it tries to connect to Redstoner.com
Yet another fancy term, meaning Online Certificate Status Protocol, allows us to revoke a (possibly updated, insecure, or compromised) certificate and adds an additional layer of security.
Partial encryption & Images
On some pages, your browser might warn you about 'Mixed Content'. It might be displayed as a lock with a warn icon:
It simply means redstoner.com is fully loaded via HTTPS but some images in the forum were loaded via HTTP.
That's something we can hardly fix, but you can help by embedding images with a https://imgur.com/… or https://puu.sh/… link.
Please note that some really old devices or browsers might not be able to access the site anymore. They have serious security flaws and should not be used anymore. Upgrade your browser, if possible.
I'll try to answer any questions in the comments below.