Ranter
Join devRant
Do all the things like
++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatar
Sign Up
Pipeless API
From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple API
Learn More
Comments
-
It's called "Client Syndrome" and is a very serious illness with a near zero chance to heal. Only extreme patience and calmness can help to lower its side effects and impact on the affected person's surrounding.
-
eeee31237y@PonySlaystation but wait, are you saying that we let mentally impaired people pay us? That's wrong on so many levels!
-
Linux434917y@linuxxx
Either that or ePR.
But, it is important to note that TLS is a must if you have a form anyway, Chrome will label all websites that is over http as insecure later this year. So that is probably an argumentent that most of your customers will accept ;) -
People should be afraid to even access a normal website without that extra letter "S" in http, well it looks cooler :P
Seriously now, http only websites should stop, there is LE for basic websites unless people are not willing to do anything. -
nightowl6987ySurely the potential to be fined or have legal action taken should be enough of an argument? (Assuming of course that it's as serious as that, I know a lot of noise has been made about GDPR for example but I don't know about this specific law you mention - if it's a law, it must be followed...)
And as @gitpush pointed out, there's really no excuse not to use https as any site can use it now - LetsEncrypt for free, or other certificate authorities that can be paid for.
As for http - redirect to https and be done with it :D -
The sad thing is one client came to me (knowing almost nothing about computers in general) and said that their website is showing as dangerous... After several hours of explaining what I need to know from them I finally found out that they are using Invision... These fuckers do not allow you to use SSL unless you pay something like $20 extra a month (for $5/mo hosting) which is fucking insane, 90% sure they use LE certificates and they charge $20 for that... Fucking assholes... I did not manage to convince the client to use different hosting because they want Invision because "the others use it too"... I just basically started ignoring that guy at that point and never wrote back to any of his messages.
(to clarify: I made some info website and a Discord bot for this guy in the past - that's why I called him a client) -
Everyone should be using Lets Encrypt these days for everything. I got certs for all my personal websites a while back; even wrote a little tutorial of how to do it all in Docker:
https://penguindreams.org/blog/... -
Linux434917y@elcore
Why do the dutch have a different name for GDPR? Does not make Sense.
Search for ePrivacy Regulation -
SITCHEZ967y@Linux AVG it's the dutch shotcut for GDPR in the national language. AVG means there "algemene verordening gegevensbescherming"
Here in Germany it's called "europäische Datenschutz-Grundverordnung" (short: EU-DSGVO) (we germans love crazy shortcuts for our complex lawnames). -
creator20157yStack Exchange mentioned in a blog that they don't require a lot of security since most of their data is open and user auth is handled by other oauth2 providers, and an https connection is an overkill for them. They did that to stay relevant. They did write about their complete migration on https and how they work with TLS and certificates etc.
-
Client logic: Google search positions >>>>> transmitting your users data securely
-
vityavv1267yReading all of these comments, I'm so happy that I got an ssl cert for my site. I'll do shit in seo because of the free domain but it's nice to see that any potential international viewers won't have to suffer. It really isn't that hard to ssl, and it's *free*, people!
Related Rants
New Dutch (or european?) law requiring https for any website with a contact form or higher is going into effect very soon. Were contacting customers so they can still be on time with this, this is how most convo's go:
Collegue: *explains*
Client: Im sure my security is good enough...
Collegue: i'd really recommend it, we've got free options as well!
Client: its just a secure connection, whats the big deal...
Collegue: *more arguments*
Client: I just don't see the point, security.... well.... does it really matter that much...
Collegue: Google might place you lower in the search results if you don't get a secure connection.
Client: πΆπ₯π΅ uhm so what were the https options again? π
I hope they all die a painful death π
rant
fucking cunts