Author Topic: May 24 Updates, SSL and GDPR  (Read 11218 times)

Slash

  • Creator of Roguetemple
  • Administrator
  • Rogueliker
  • *****
  • Posts: 1203
  • Karma: +4/-1
    • View Profile
    • Slashie.net
    • Email
May 24 Updates, SSL and GDPR
« on: May 24, 2018, 08:56:34 PM »
Hello all!

  • Updated SMF from 2.0.13 to 2.0.15
  • Installed SSL certificate and setup HTTP to HTTPS redirection
  • Installed mod for GDPR tools (link):
    • User now can export their profile data and post information
    • When a user deletes his account, his posts will be anonymized (IP Address and email removed, anonymous username set)
  • Updated Privacy Policy regarding data usage and GDPR rights

As usual, please let me know if something doesn't work :)

Allthatglitters

  • Newcomer
  • Posts: 3
  • Karma: +0/-0
    • View Profile
    • Email
Re: May 24 Updates, SSL and GDPR
« Reply #1 on: May 29, 2018, 10:14:31 AM »
Thanks for the forum. A question though about the captcha - does it have to be for every post and every edit?

I can imagine many people just giving up since it's so much effort.

And it clearly doesn't stop spam - see the latest ten or so posts by "samsam23"

Just a thought.

Slash

  • Creator of Roguetemple
  • Administrator
  • Rogueliker
  • *****
  • Posts: 1203
  • Karma: +4/-1
    • View Profile
    • Slashie.net
    • Email
Re: May 24 Updates, SSL and GDPR
« Reply #2 on: May 29, 2018, 02:20:22 PM »
Sure, I think it only works that way for the first few posts? I may be wrong, I need to check back into it.

I dream a world without spambots.

Kyzrati

  • 7DRL Reviewer
  • Rogueliker
  • *
  • Posts: 508
  • Karma: +0/-0
    • View Profile
    • Grid Sage Games
    • Email
Re: May 24 Updates, SSL and GDPR
« Reply #3 on: November 13, 2018, 08:28:51 AM »
As usual, please let me know if something doesn't work :)
Note that although you've switched to HTTPS, most forum pages are still not secure. You need to ensure all images (including even avatars and icons, for example) also fall under the HTTPS rules, otherwise the site is marked as mixed content, which isn't fully secure. (On SMF simply redirecting HTTP to HTTPS isn't enough!)

Edit: Also, I've been seeing people mention elsewhere that they can't/won't visit the Temple because of this and/or the "improperly configured certificate" issue.
« Last Edit: November 13, 2018, 08:31:26 AM by Kyzrati »