 |
 |
I don't think Internet Archive will view https sites. Internet Archive just a few weeks ago added the option to let you add a page while browsing, and I have been unable to add https pages when I submit them. -Wilhelmina Randtke On Sat, Nov 9, 2013 at 2:09 PM, Ranti Junus <[log in to unmask]> wrote: > Hi All, > > If code4lb.org switched to HTTPS by default, can their content still be > archived by the Internet Archive? > > > thanks, > ranti. > > > On Thu, Nov 7, 2013 at 1:16 PM, Ordway, Ryan <[log in to unmask] > >wrote: > > > The simplest solution would be to modify the settings.php to start > pushing > > everything over HTTPS once someone has hit an HTTPS URL. The current > > code4lib server has been here at OSU longer than I have (and I've been > here > > for 8+ years), and it's at MOST running at about 25% CPU capacity. > Pushing > > everything over HTTPS is probably fine too. > > > > As for additional administrative overhead, if someone else wants to > manage > > the certificate procurement and renewal, it takes me about 5 minutes > every > > year to put a new certificate in place and then restart Apache once I > have > > a certificate file. > > > > > > On Wed, Nov 6, 2013 at 8:34 PM, Chad Fennell <[log in to unmask]> wrote: > > > > > On Wed, Nov 6, 2013 at 8:49 PM, Ross Singer <[log in to unmask]> > > wrote: > > > > > > > I guess I just don't see why http and https can't coexist. > > > > > > > > > > > They can definitely coexist, but there is a corresponding maintenance > > cost > > > and a slightly higher risk profile (e.g. session hijacking is still > > > possible in a variety of mixed http/https configurations). I noticed a > a > > > pretty good, if a bit dated, run-down of the tradeoffs for various > secure > > > setups in Drupal > > > > > > > > > http://drupalscout.com/knowledge-base/drupal-and-ssl-multiple-recipes-possible-solutions-https > > > . > > > Even if the solutions have somewhat changed, it does get at the idea of > > > what some of the tradeoffs are between security, usability and > > maintenance. > > > > > > Just today, I noticed a security alert ( > https://drupal.org/node/2129381) > > > for the Drupal 6 Secure Pages module where theoretically secured pages > > and > > > forms could be transmitted in the clear. This is the module you'd most > > > likely use to achieve a mixed http/https site in Drupal. > > > > > > I have personally tended to just put everything behind https because of > > the > > > added work/modules/maintenance associated to running it along side of > > http > > > (in Drupal, specifically), but I am a lazy person with access to free > > certs > > > and ferncer servers. > > > > > > HTH > > > -- > > > Chad Fennell > > > Web Developer > > > University of Minnesota Libraries > > > (612) 626-4186 > > > > > > > > > -- > Bulk mail. Postage paid. >