On Sat, Jan 11, 2020 at 01:44:20PM +0000, steve-ALUG@hst.me.uk wrote:
On 10/01/2020 18:40, Chris Green wrote:
On Fri, Jan 10, 2020 at 05:35:28PM +0000, steve-ALUG@hst.me.uk wrote:
I had a look at http://isbd.net/ which I presume is yours. I don't know if that's the one that you are talking about, but if it is, none of the pages opened as https for me.
They should now, if not then I'd be interested to know. I did the changes today (10th January) around 2pm.
None of the pages opened as https for me 11/1/20 13:22
Are you sure? When I try any http://isbd.uk/<something> pages I either get "Unable to connect" or I get automatically switched to https.
I'd be grateful if other people could try as well.
I've turned off port 80 access completely (or at least I believe I have), I've read several 'how to' pages about how to make apache2 https only and it feels as if it's all correct.
If you're not proficient in web-server security (I am not) then I would suggest for the needs you say you have, it might be simpler just to share stuff with your family via social media, email, or use a free website/blog (Blogger, Wordpress etc) and share your stuff there. That way, someone else (e.g. Google, Wordpress) looks after the security for you.
You really think using something ready-made like WordPress on somewhere like TsoHost is more secure! I'm not convinced.
As I said there's nothing really important on my web site. The only attack that has happened to it over the several years that it has been there was that someone guessed the (admittedly rather obvious at that time) password for the wiki and scribbled all over it. I changed the password to a more secure one and restored the wiki, I've not had any trouble since then.