RSS

Free HTTPS Everywhere!

13 Apr

OnlyTheGretestActorEverA couple of posts ago you may remember that a reblog from Resa’s site came back as being an insecure connection.  It turns out it was a breach in WordPress security and as a result of Resa’s emails and my technical buffoonery skills we managed to come up with a coherent reason for what we thought was wrong so the technical boffins could sort it.

As a result, WP has rolled out a feature that they have had in the pipeline for a time but wasn’t due to be released so soon and that is free HTTPS for all custom domains hosted on WordPress.com. This brings the security and performance of modern encryption to every blog and website we host. You can read the whole announcement here if you’re interested and haven’t come across it already you can find the details here.  Save your thanks people, we only accept money, books or exotic food.

If you would like us to fix your problem drop a comment below, be it the Middle East Peace Process or a Rubik’s Cube, no problem is too…problemy.  Now that blogs everywhere are safe, our work here is done and it’s time to enigmatically abseil down the side of a handily placed building which we just happened to be on top of but I didn’t mention before.

You’re welcome WordPress, you’re welcome.

Advertisements
 
31 Comments

Posted by on 13/04/2016 in Blogging

 

Tags: , , , ,

31 responses to “Free HTTPS Everywhere!

  1. Jeff

    13/04/2016 at 15:10

    Call me naive, but I thought WP accounts were already secure because they have a password protected HTTPS connection like any cloud-based service. Did reblog leave bloggers’ original posts and accounts open in some way?

    Like

     
    • Ste J

      13/04/2016 at 15:23

      Afternoon, well my understanding of the technicals is almost nonexistent but from what I gather self hosting domains had a problem with the security as they must have a different system…I read once that people need to update something or other when they self host, so not sure if somebody ha done something over that. The domain name and sever certificate were out of whack, it was only because I reblogged that I noticed. I am not sure how all this works as you can tell or what the ramifications would have been were it not caught when it was.

      Like

       
      • Jeff

        13/04/2016 at 15:38

        Well spotted then. I vaguely remember when I was a Typepad user in about 2007 that someone I met through blogging was a WP user in a real spin about security. There was a sequence of WP security problems back in those days. Of course, as my digest of that hacking book from that time attests, hackers were thoughtful and misunderstood; presumably the fuss was over nothing.
        Whatever: well done – Guardian Tech Weekly predicted that 2016 will see a gear change in cyber-security breaches. Last year I managed to shut down a hack as it happened through Adobe Flash Player. Don’t use the plugin now (way too leaky). Not sure what anyone’s options would have been on an HTTPS hack. Not good, I would guess, given that once someone’s in on a session, I don’t think changing the password would affect them until they logoff. Even then you’ve got to be there when it happens, and notice live changes going on that are not yours.

        Like

         
        • Ste J

          13/04/2016 at 15:47

          It’s a tricky thing to spot for most of us, we just want to sign on, type some stuff, have a natter and wander off, it is annoying to think anybody would wish to come in and mess around. I try to use as little as possible of addons and plugins and hardly download anything these days unless it is vouched for. I think I need to get myself more clued in to the modern world.

          Liked by 1 person

           
          • Lyn

            13/04/2016 at 23:30

            It’s a tricky thing to spot for most of us, we just want to sign on, type some stuff, have a natter and wander off I could not have said it better myself, Ste J. That’s what most of us want. Well that, and chocolate, coffee and world peace 😉

            Like

             
  2. Jill Weatherholt

    13/04/2016 at 15:45

    Thanks for spreading the word, Ste J. 🙂

    Like

     
    • Ste J

      13/04/2016 at 15:48

      I like to think my life is a series of mostly happy accidents!

      Liked by 1 person

       
  3. Maniparna Sengupta Majumder

    13/04/2016 at 21:43

    That’s a good news indeed for all WP bloggers… 🙂

    Like

     
    • Ste J

      14/04/2016 at 09:15

      It felt nice to give something back to this free platform that has given me so many awesome memories…even if I don’t quite know what it all means.

      Liked by 1 person

       
  4. Lyn

    13/04/2016 at 23:32

    ~sigh~ what hope is there for us non-techy-thingy people?

    Like

     
    • Ste J

      14/04/2016 at 09:56

      Maybe one day it will be simplistic enough to not put me off exploring that murky world.

      Liked by 1 person

       
  5. clarepooley33

    14/04/2016 at 00:01

    Thanks Ste J!

    Like

     
  6. Bumba

    14/04/2016 at 02:38

    I don’t understand what the http you’re talking about, but thanks for your efforts. I’d like to contribute some exotic food. I was thinking, maybe after Passover (after it passes over) you’d like a half-opened box of matzos? They’re delicious.

    Like

     
    • Ste J

      14/04/2016 at 09:17

      Half open is the best kind! I’m glad I’m not the only one that has no idea what all the technical stuff means.

      Like

       
  7. Jilanne Hoffmann

    14/04/2016 at 07:30

    Well, I certainly feel more safe and secure. Not sure from what. But definitely safer. Don’t make fun of me. I’m a luddite. 😀

    Like

     
    • Ste J

      14/04/2016 at 09:06

      That’s exactly how I felt, the connection warning went away thanks presumably to strings of letters and numbers and that was enough for me. It’s all a bit too modern for me this coding malarkey.

      Liked by 1 person

       
  8. shadowoperator

    14/04/2016 at 11:19

    Hi, Ste J. I know from nothing about what you’re discussing, but I can tell you that although I don’t have a custom website, about two years ago, WordPress just suddenly told me that my http would no longer word adequately in future, and that I should change my address to the prefix https. I did, and the rest is history. It seems weird that they would not have told the same thing to people who pay for custom sites (I don’t pay), but there you go–the world works oddly.

    Like

     
    • Ste J

      14/04/2016 at 12:17

      It is a strange one but I don’t know enough about how it works, perhaps if I got my head out of a book a little more often I would bother to figure it out but like a drug, books are just too addictive, I wish I had a dealer who would sell me illicit books and do that secret handshake thing to exchange money. Perhaps when our world goes all dystopian that will really be a thing.

      Like

       
  9. Sarah

    14/04/2016 at 21:52

    I do not know of what you speak, except that we should send you kumquats. (I tend to duck when low-flying tech is in-coming, but am grateful someone’s being vigilant for the rest of us 🙂 )

    Like

     
    • Ste J

      15/04/2016 at 09:04

      Kumquat has no anagrams, I spent five minuets with pen and paper finding that out. I prefer my tech to be quite old so it is dumbed down to what I can understand, until then it gets ignored because it isn’t in a book and I refuse to buy those ‘… for dummies’ guides for fear of being seen with it in public, that’d be worse than having a Richard and Judy’s Book Club sticker on the front of a purchase.

      Like

       
  10. Resa

    14/04/2016 at 23:19

    It really irritated me that the neat shots you took did not come out in the reblog & that there was a message that my site’s connection was insecure. It’s the most I ever tried to get an entity to see my situation. I am so happy to have the green padlock! Interestingly enough, the custom URLs are verified by “Let’s Encrypt”. The .wordpress.com sites and WP Admin are verified by “GoDaddy.”

    Like

     
    • Ste J

      15/04/2016 at 09:26

      The next shots will come out just fine now we have got the issue sorted and I need to send you another email on that soon. How strange that two different certification thingies are used but then again maybe that is standard, I have no idea about blogs, as long as they work I am happy.

      Liked by 1 person

       
  11. Liz

    15/04/2016 at 09:39

    Many thanks for this, but be careful, you never know who might be watching and listening…..

    Like

     
  12. Theanne aka magnoliamoonpie

    15/04/2016 at 16:16

    Thank you and Resa for your efforts 🙂

    Like

     
  13. macjam47

    17/04/2016 at 05:30

    Thanks for sharing this Steve.

    Like

     
    • Ste J

      17/04/2016 at 16:40

      It’s good that it got sorted reasonably promptly and that we are all safe again.

      Liked by 1 person

       

Tell me stuff...

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

 
%d bloggers like this: