Forced HTTPS Is Now On

tonyshowoff

@henriette I second the "//..." solution, we force it automagically, to the dismay of a couple of our affiliates I'm sad to say, they were upset they had to setup SSL since when it failed to properly load we stopped displaying them when people used SSL, which is by default, so they were losing a lot. You really have to twist some people's arms to get them to be more secure, and you'd think the adult entertainment industry, of all industries, would understand security (they don't, they're the worst).

Dashrender

@tonyshowoff said in Forced HTTPS Is Now On:

@henriette I second the "//..." solution, we force it automagically, to the dismay of a couple of our affiliates I'm sad to say, they were upset they had to setup SSL since when it failed to properly load we stopped displaying them when people used SSL, which is by default, so they were losing a lot. You really have to twist some people's arms to get them to be more secure, and you'd think the adult entertainment industry, of all industries, would understand security (they don't, they're the worst).

sadly I don't think they are anywhere near the worst.

travisdh1

@Dashrender said in Forced HTTPS Is Now On:

@tonyshowoff said in Forced HTTPS Is Now On:

@henriette I second the "//..." solution, we force it automagically, to the dismay of a couple of our affiliates I'm sad to say, they were upset they had to setup SSL since when it failed to properly load we stopped displaying them when people used SSL, which is by default, so they were losing a lot. You really have to twist some people's arms to get them to be more secure, and you'd think the adult entertainment industry, of all industries, would understand security (they don't, they're the worst).

sadly I don't think they are anywhere near the worst.

"Hacking" a lot of them is simply doing a google site search for .jpg...... kinda embarrassed to admit I know this.

scottalanmiller

@tonyshowoff said in Forced HTTPS Is Now On:

@henriette I second the "//..." solution, we force it automagically, to the dismay of a couple of our affiliates I'm sad to say, they were upset they had to setup SSL since when it failed to properly load we stopped displaying them when people used SSL, which is by default, so they were losing a lot. You really have to twist some people's arms to get them to be more secure, and you'd think the adult entertainment industry, of all industries, would understand security (they don't, they're the worst).

No, unless they start faxing porn to people and putting the user's personal details on the fax headers, they aren't close to being the worst.

tonyshowoff

@scottalanmiller said in Forced HTTPS Is Now On:

@tonyshowoff said in Forced HTTPS Is Now On:

@henriette I second the "//..." solution, we force it automagically, to the dismay of a couple of our affiliates I'm sad to say, they were upset they had to setup SSL since when it failed to properly load we stopped displaying them when people used SSL, which is by default, so they were losing a lot. You really have to twist some people's arms to get them to be more secure, and you'd think the adult entertainment industry, of all industries, would understand security (they don't, they're the worst).

No, unless they start faxing porn to people and putting the user's personal details on the fax headers, they aren't close to being the worst.

I meant in terms of, say, the famous Ashley Madison leak, essentially everyone I know, save myself, stores their data in the same way, forever, in addition to plaintext or base64 encoded credit card data, not even tokenising them. As far as I'm concerned, of any specific niche industry, it's consistently the worst, and most incompetent.

Edit: I would say though, that is the industry I have most experience in dealing with other similar industries. From a regular IT perspective, I've seen the same thing happen across the board, especially at apartment complexes, and .. basically any small business. The irony is that big businesses aren't typically that much better at it, look at Sony.

MattSpeller

@scottalanmiller said in Forced HTTPS Is Now On:

faxing porn to people and putting the user's personal details on the fax headers

Right then, that's my afternoons activities sorted.

tonyshowoff

@travisdh1 said in Forced HTTPS Is Now On:

@Dashrender said in Forced HTTPS Is Now On:

@tonyshowoff said in Forced HTTPS Is Now On:

@henriette I second the "//..." solution, we force it automagically, to the dismay of a couple of our affiliates I'm sad to say, they were upset they had to setup SSL since when it failed to properly load we stopped displaying them when people used SSL, which is by default, so they were losing a lot. You really have to twist some people's arms to get them to be more secure, and you'd think the adult entertainment industry, of all industries, would understand security (they don't, they're the worst).

sadly I don't think they are anywhere near the worst.

"Hacking" a lot of them is simply doing a google site search for .jpg...... kinda embarrassed to admit I know this.

So it was you!

minion

Still have mixed content issues...

minion

data-vocabulary.org and schema.org seem to be the issue.

minion

https://www.data-vocabulary.org/ - Works.

https://schema.org/ - Works