I haven't played much with requesting a page be archived, so it's only a handful of links I had tried. From what Eric Hellman posted about hiccups, it doesn't sound like https is a barrier if you set up the site and want to allow archiving. -Wilhelmina Randtke On Sat, Nov 9, 2013 at 5:29 PM, Karen Coyle <[log in to unmask]> wrote: > The Archive says they can, but I've asked WR for the files she had trouble > with and they'll try them out. To be sure, there wasn't a huge amount of > testing that took place, so glitches are not unsurprising. > > > kc > > On 11/9/13 3:13 PM, Wilhelmina Randtke wrote: > >> I don't think Internet Archive will view https sites. Internet Archive >> just a few weeks ago added the option to let you add a page while >> browsing, >> and I have been unable to add https pages when I submit them. >> >> -Wilhelmina Randtke >> >> >> On Sat, Nov 9, 2013 at 2:09 PM, Ranti Junus <[log in to unmask]> >> wrote: >> >> Hi All, >>> >>> If code4lb.org switched to HTTPS by default, can their content still be >>> archived by the Internet Archive? >>> >>> >>> thanks, >>> ranti. >>> >>> >>> On Thu, Nov 7, 2013 at 1:16 PM, Ordway, Ryan <[log in to unmask] >>> >>>> wrote: >>>> The simplest solution would be to modify the settings.php to start >>>> >>> pushing >>> >>>> everything over HTTPS once someone has hit an HTTPS URL. The current >>>> code4lib server has been here at OSU longer than I have (and I've been >>>> >>> here >>> >>>> for 8+ years), and it's at MOST running at about 25% CPU capacity. >>>> >>> Pushing >>> >>>> everything over HTTPS is probably fine too. >>>> >>>> As for additional administrative overhead, if someone else wants to >>>> >>> manage >>> >>>> the certificate procurement and renewal, it takes me about 5 minutes >>>> >>> every >>> >>>> year to put a new certificate in place and then restart Apache once I >>>> >>> have >>> >>>> a certificate file. >>>> >>>> >>>> On Wed, Nov 6, 2013 at 8:34 PM, Chad Fennell <[log in to unmask]> wrote: >>>> >>>> On Wed, Nov 6, 2013 at 8:49 PM, Ross Singer <[log in to unmask]> >>>>> >>>> wrote: >>>> >>>>> I guess I just don't see why http and https can't coexist. >>>>>> >>>>>> >>>>>> They can definitely coexist, but there is a corresponding maintenance >>>>> >>>> cost >>>> >>>>> and a slightly higher risk profile (e.g. session hijacking is still >>>>> possible in a variety of mixed http/https configurations). I noticed a >>>>> >>>> a >>> >>>> pretty good, if a bit dated, run-down of the tradeoffs for various >>>>> >>>> secure >>> >>>> setups in Drupal >>>>> >>>>> >>>>> http://drupalscout.com/knowledge-base/drupal-and-ssl- >>> multiple-recipes-possible-solutions-https >>> >>>> . >>>>> Even if the solutions have somewhat changed, it does get at the idea of >>>>> what some of the tradeoffs are between security, usability and >>>>> >>>> maintenance. >>>> >>>>> Just today, I noticed a security alert ( >>>>> >>>> https://drupal.org/node/2129381) >>> >>>> for the Drupal 6 Secure Pages module where theoretically secured pages >>>>> >>>> and >>>> >>>>> forms could be transmitted in the clear. This is the module you'd most >>>>> likely use to achieve a mixed http/https site in Drupal. >>>>> >>>>> I have personally tended to just put everything behind https because of >>>>> >>>> the >>>> >>>>> added work/modules/maintenance associated to running it along side of >>>>> >>>> http >>>> >>>>> (in Drupal, specifically), but I am a lazy person with access to free >>>>> >>>> certs >>>> >>>>> and ferncer servers. >>>>> >>>>> HTH >>>>> -- >>>>> Chad Fennell >>>>> Web Developer >>>>> University of Minnesota Libraries >>>>> (612) 626-4186 >>>>> >>>>> >>> >>> -- >>> Bulk mail. Postage paid. >>> >>> > -- > Karen Coyle > [log in to unmask] http://kcoyle.net > m: 1-510-435-8234 > skype: kcoylenet >