FreakinFoss  
Is there a reason not to force all HTTP traffic to be pushed to HTTPS?
Nov 22, 2022 at 12:22pmWeb
Show threadPaul de FerneyNov 22, 2022
@freakinbox on the internet, probably not. In private networks, like my home network, it's already becoming difficult to access config pages in http. Forcing https in the browser for private networks as well would make all this network equipment unnecessarily inaccessible. #ForcedObscelence
Show threadFreakinFoss  Nov 22, 2022

@makegeneve This would only be for the webpage itself.

I would redirect in Nginx and not on my router. Router would still allow port 80 since I believe it is required for the Twitter API I have to work with as well.

I still have a lot to learn about what I can do specifically without messing anything else up. lol

Show threadPaul de FerneyNov 22, 2022
@freakinbox if it's an experiment in your network give it a try 😀 Let us all know what broke.
Show threadFreakinFoss  Nov 22, 2022

@makegeneve It's more than an experiment lol. The site is hosted externally as well.

Well... landing page for now lol

Show threadPaul de FerneyNov 22, 2022
@freakinbox an external web site *should* be forced https by now imho. Just make sure you do it in a non-breaking way.
Show threadPaul de FerneyNov 22, 2022
@freakinbox happily, the solution is obvious,and we know what IP addresses are private networks. We'd probably need a whitelisting system for corporate networks using public IP addresses still using older kit.
Show threadLeviNov 22, 2022

@freakinbox I'm sure there's an obscure use case that I can't think of, but in general it's a "no".

It requires a 301 redirect which will delay loading by 1 ping time... but most new traffic will come to https anyway.

Show threadWilliam WittNov 22, 2022

@freakinbox @levi If you happen to be into retro hardware/software *and* you want your retro kit to be able to access the site, leaving an HTTP option open makes sense. Modern SSL/TLS standards frequently leave older browsers behind.

On the other hand, if all of your clients are modern hardware with modern browsers and you are comfortable installing certs on the server there isn’t any harm.

Show threadLeviNov 22, 2022

@unamanic @freakinbox yeah I guess that's a fair point. I imagine js support would be a more common problem?

I'm sure loads of devs for personal sites and such don't consider backwards compat past the last few major versions

Show threadFreakinFoss  Nov 22, 2022
@levi @unamanic Backwards compatibility is why I asked. :)