Australian (ASX) Stock Market Forum

ASF moving to HTTPS

Jump to new
Joe Blow

Joe Blow

Administrator
Staff member
Joined
28 May 2004
Posts
10,892
Reactions
5,384
In the next couple of weeks ASF will be moving from HTTP to HTTPS, simply because it is becoming more important for websites to adopt the more secure protocol.

I am hoping that everything will go smoothly when the changeover occurs and it will be mostly unnoticeable due to redirects being put in place.

I adjusted one of the settings last night while I was conducting some testing and when I woke up this morning found that I was having some issues logging in. I have since changed the setting back to what it was originally. If anyone else is experiencing any website weirdness please let me know in this thread.

Thanks!
 
Joe Blow said:
In the next couple of weeks ASF will be moving from HTTP to HTTPS, simply because it is becoming more important for websites to adopt the more secure protocol.

I am hoping that everything will go smoothly when the changeover occurs and it will be mostly unnoticeable due to redirects being put in place.

I adjusted one of the settings last night while I was conducting some testing and when I woke up this morning found that I was having some issues logging in. I have since changed the setting back to what it was originally. If anyone else is experiencing any website weirdness please let me know in this thread.

Thanks!
Click to expand...

Wait what? ASF has been HTTP this whole time? It's showing HTTPS in my browser? What part hasn't been HTTPS?
 
galumay said:
Had the login issue too this morning so it must have been sitewide.
Click to expand...

Are you still experiencing any issues?

ThingyMajiggy said:
Wait what? ASF has been HTTP this whole time? It's showing HTTPS in my browser? What part hasn't been HTTPS?
Click to expand...

I've got the certificate installed but I haven't configured the forum software properly yet. Are you experiencing any issues on HTTPS?
 
Joe Blow said:
I've got the certificate installed but I haven't configured the forum software properly yet. Are you experiencing any issues on HTTPS?
Click to expand...

No all good, I was just convinced that logging in on ASF has always been via HTTPS, so am a bit surprised to see now that we're "going to HTTPS". Knowing how easy it is to sniff credentials over the wire, I'm surprised more than anything, all is running well though for me.
 
ThingyMajiggy said:
No all good, I was just convinced that logging in on ASF has always been via HTTPS, so am a bit surprised to see now that we're "going to HTTPS". Knowing how easy it is to sniff credentials over the wire, I'm surprised more than anything, all is running well though for me.
Click to expand...

OK that's great news. Thanks for letting me know. I will try and configure the forum software and set up the redirects tonight so it is ready for next week.
 
My bookmark had been https://www.aussiestockforums.com/ for years, but some time ago, my browser reverted to http. When I check why there is no lock icon, a warning pops up:

ASF-url.png

I didn't make a fuss because I figured, if there were anything uncouth coming from the site, my AVG would take care of it.

wrt Login: Yes, Joe, I was wondering why I had to login after a PC reboot. Meant to ask you about it if it had persisted. But wasn't in a hurry because it's not really a big issue. Even better if it's already fixed. :)

PS: Changed the bookmark back to https, and am pleased to report it's now showing the security lock.
 
Hi Joe. My log in isn't sticking on my mobile. I have to keep logging in once i close the browser, yet i have ticked the keep me logged in box.
 
I'm going to try and do the HTTPS changeover shortly. Many of you may need to log in again.

Let's see how it goes.
 
OK, I messed up. Sorry about that 15 minutes of downtime. I'll try again another time. :(
 
myrtie100 said:
Hi Joe. My log in isn't sticking on my mobile. I have to keep logging in once i close the browser, yet i have ticked the keep me logged in box.
Click to expand...
Hi Myrtie, try deleting the browser cache and rebooting your device to see if that helps.
 
Joe Blow said:
OK, I messed up. Sorry about that 15 minutes of downtime. I'll try again another time. :(
Click to expand...
Whatever you did seems to have worked, thanks Joe :)
This morning, I didn't have to log on again. I'm now back to using https:// and Firefox confirms that is indeed secure.
 
pixel said:
Whatever you did seems to have worked, thanks Joe :)
This morning, I didn't have to log on again. I'm now back to using https:// and Firefox confirms that is indeed secure.
Click to expand...
I'm glad things are back to normal but I'm not sure I know what I'm doing. Last night I tried forcing all HTTP requests to HTTPS and got a server error and 15 minutes of downtime for my trouble. I'll do some more reading and try again next weekend, probably late on a Saturday night when ASF's traffic is at it's lowest level.
 
pixel said:
I didn't make a fuss because I figured, if there were anything uncouth coming from the site, my AVG would take care of it.
Click to expand...

It's not really about anything coming from the site, it's really very easy to sniff your credentials when a site is just using HTTP and not HTTPS as it's transmitted in plain text and not encrypted. Your anti-virus would do nothing about it. Just a heads up for those that don't know.
 
See what I mean, transmitted in plain text. You'll want to get on that as soon as possible Joe, at least for logging in. Don't login/use ASF on any public wifi or untrusted networks around the place, like at your local coffee shop etc while it's HTTP at least.

ASFcapture.JPG
 
ThingyMajiggy said:
when a site is just using HTTP and not HTTPS as it's transmitted in plain text and not encrypted.
Click to expand...
Thanks for clarifying that :)
Nothing to be sniffed out from me. I'm behind my own firewall. Never use public wifis, least of all for banking and trading, but as a matter of principle not posting or blogging either.
Logins are different for every site I use.
... but I do appreciate your concern and, especially, Joe's efforts to keep us all protected.
 
In the last 24 hours I have returned to ASF at least 5 times and on each occasion I had been logged out and had to sign in again. The last one was 3 minutes ago. And yes I ticked the "stay logged in" tab, just letting you know, cheers.
 

Similar threads

Rypieee
Ryan's Trading Journal (F/A+T/A Strategy)
6 7 8
Replies
141
Views
33K
aus_trader
aus_trader
Some Dude
3G Access to ASF
Replies
15
Views
3K
DB008
DB008
Joe Blow
  • Sticky
How to identify an investment scam
3 4 5
Replies
98
Views
60K
farmerge
farmerge
Top