Hello,
I went to access the dev.cmsmadesimple.org site to report an issue I've discovered with a module and I found that it apparently doesn't have an SSL cert associated with it?
On further investigation, the forum.cmsmadesimple.org link in the menu is not specified as https:// even though it has a valid cert. I can see it has a Let's encrpt cert. The menus seem to reflect the current state of the browser rather than defaulting to the secure links.
Surely for any modern site the links should be automatically rewritten to use https?
I can see that the primary site SSL cert has wildcard entries for a number of country domains and the primary *.cmsmadesimple.org
Can this be applied to the dev area as well? The forum should probably also use that cert as it's covered anyway.
All the best,
Mark.
Menu links and insecure areas
Re: Menu links and insecure areas
Unfortunately the old software we're using for the Forge breaks when using SSL and nobody on the current team has the skillset (or will) to try to fix it. A replacement is one of our highest priorities and is being worked on now.
The forum has ssl but it looks like we're not redirecting http traffic to it, I'll see if we can update that shortly.
The forum has ssl but it looks like we're not redirecting http traffic to it, I'll see if we can update that shortly.
Not getting the answer you need? CMSMS support options
Re: Menu links and insecure areas
Many thanks for the quick response, appreciated.
