The site is now running on HTTPS

Niall

All Powerful Super Being
Staff
Joined
Jun 13, 1999
Messages
25,574
This has been a long time coming but finally the site is running on HTTPS instead of good ol' insecure HTTP. The main benefit of this change is security. All data sent by you to the site, and from the site to you, is now encrypted and cannot be snooped or tampered with by potential "evil doers".

We've rolled out the change across the whole site in one fell swoop and everything should just work as normal. However, if you run into any oddities please let me know in this thread.

One oddity already reported is being logged out on some pages and then back in again on others. This is temporary while we roll out the HTTPS change. In the meantime if you find yourself being logged out, click the site logo in the top left and that will take you to a secure version of the site where you should be logged in. So long as you follow links on the page you should stay logged in. If you follow bookmarks that use the old HTTP URL you could end up being logged out.

Also make sure you're using a reasonably up-to-date browser or you may get connection errors. If this is happening to you, please let me know (if you can!).

Another important thing to note with this change is that the site no longer allows embedding of HTTP images. Doing so would break the security of the page the image is embedded on. Thankfully most sites now support HTTPS so there should be a secure version available for most images. However, if you try to embed an image without a HTTPS alternative, you will see an error (shown below) and not be able to submit your post.

image-not-allowed.png


All existing HTTP image URLs in posts have been updated to use HTTPS. Where a HTTPS image is available they continue to work, where it is not, a broken image icon will be shown.

Not ideal I know, but as the site's policy is not to host any user generated media (and that includes using XenForo's image proxy feature) we'll just have to live with this limitation.

Next stop, the upgrade to XenForo 2 and with it a bunch of new features and brand new design. That's still a few weeks away so watch this space...
 
Cheers for the update. I don't follow many other forums, but Caf has always been top notch (apart from rare moments when it went down during meltdowns, but maybe for the better) so I'm happy to see further improvements
 
I updated my bookmark for the Caf to https and no longer have the problem of not being logged in. Cheers Niall.
 
My heart skipped a beat when I noticed a marquee notification zap across the screen. Thought for a minute that it was a Done Dealio transfer alert.

Kudos for the good work @Niall

Edit: Site icon no longer showing? (Internet Explorer 11)
 
Last edited:
Fanatic 00237 said:
My heart skipped a beat when I noticed a marquee notification zap across the screen. Thought for a minute that it was a Done Dealio transfer alert.

Kudos for the good work @Niall

Edit: Site icon no longer showing? (Internet Explorer 11)
Click to expand...

What kind of psychopath uses Internet Explorer :eek:
 
Quick note - anyone that has the site bookmarked will have to change the link to the https one. If you have the old link it will show you as not logged in until you change it.
 
Great. The caf was probably the only site I regularly used that wasnt https.. while that never bothered me, this is definitely a great move.

Thanks Niall.
 
It would be incredible for RedCafe to design an actual app using IOS and Android. How cool would that be? An actual app:
 
Good news.

I seems to be logged out everytime i close the page and when i come back i says im not logged in.
However, if i click on any thread i log straight in again. The only thing i can click and nothing happens are the ”sign up, log in” button.
 
I got redirected back to http after logging in, had to type https in manually in address bar to go back again.

Just tried in a private window in case cookie issue but same thing happens. On latest chrome.
 
Does this stop users nicking people’s posts to post on other forums?
 
BootsyCollins said:
Good news.

I seems to be logged out everytime i close the page and when i come back i says im not logged in.
However, if i click on any thread i log straight in again. The only thing i can click and nothing happens are the ”sign up, log in” button.
Click to expand...

I am also having this issue.
 
BootsyCollins said:
Good news.

I seems to be logged out everytime i close the page and when i come back i says im not logged in.
However, if i click on any thread i log straight in again. The only thing i can click and nothing happens are the ”sign up, log in” button.
Click to expand...

Same for me.
 
BootsyCollins said:
Good news.

I seems to be logged out everytime i close the page and when i come back i says im not logged in.
However, if i click on any thread i log straight in again. The only thing i can click and nothing happens are the ”sign up, log in” button.
Click to expand...
BlueMoonOutcast said:
I am also having this issue.
Click to expand...
roonster09 said:
Same for me.
Click to expand...
saivet said:
Me too.
Click to expand...

Yes this is related to what I wrote in my OP:

One oddity already reported is being logged out on some pages and then back in again on others. This is temporary while we roll out the HTTPS change. In the meantime if you find yourself being logged out, click the site logo in the top left and that will take you to a secure version of the site where you should be logged in. So long as you follow links on the page you should stay logged in. If you follow bookmarks that use the old HTTP URL you could end up being logged out.
Click to expand...

This will be sorted tomorrow. We're just ironing out a few kinks before redirecting all HTTP requests to HTTPS. Then these logged in / logged out issues should go away.
 
I came across the logged in/out oddity. On the main page, I was logged out, and it just refreshed the website when I clicked "Log In"

However, when I clicked on a thread, I was suddenly logged in, as I always am. Guessing maybe a cache issue or something, but I don't want to empty my cache. It's my cache, and I love it.
 
Uniquim said:
I came across the logged in/out oddity. On the main page, I was logged out, and it just refreshed the website when I clicked "Log In"

However, when I clicked on a thread, I was suddenly still logged in, as I always am. Guessing maybe a cache issue or something, but I don't want to empty my cache. It's my cache, and I love it.
Click to expand...

I'm having the same thing.

Sounds like it's an issue that will be sorted though.
 
Uniquim said:
On the main page, I was logged out, and it just refreshed the website when I clicked "Log In"
Click to expand...

Yeah clicking "Log in" results in some odd behaviour. Clicking "Log in" does in fact take you to the HTTPS login page, but because on HTTPS you're logged in the site decides that you don't need to view the login page and instead redirects you back to where you came from (i.e. the homepage on HTTP). So it looks like it's not working.

The best solution is to click on the logo in the top left and that will take you to the HTTPS homepage and all should work properly from there.

Again, once we setup proper redirects this problem will go away.
 
You need to redirect the http site to https, you should be able to do a 301 redirect
 
Red Star One said:
Cheers for the update. I don't follow many other forums, but Caf has always been top notch (apart from rare moments when it went down during meltdowns, but maybe for the better) so I'm happy to see further improvements
Click to expand...
I miss the caf going down. You knew some serious shit was happening.
 
Cassidy said:
You need to redirect the http site to https, you should be able to do a 301 redirect
Click to expand...

I know :) just holding off on redirects until confident all is working well with https.
 
Dwazza Gunnar Solskjær said:
All of my tinypic uploads...gone. :(
Click to expand...
It was shutting down anyway

TinyPic is shutting down in 2019

TinyPic is shutting down its image hosting service because we can no longer support a free service that derives 100% of its revenue from ever declining on-site ad revenues.
While you may continue to host images from our site until further notice, we encourage you to consider selecting one of the premium plans offered by our sister site, Photobucket.
Thanks for using TinyPic for your hosting needs over the years. We apologize that we can no longer continue providing this service, but Photobucket is a great option going forward.
Click to expand...
 
You must log in or register to reply here.