Hello everyone!

I've been doing a fair amount of backend infrastructure work here, and I'm happy to announce the beta availability of https://. https://everything2.com

For the non-technical types among us, this means that the URL will eventually have that little lock like many other sites. Previously TLS and SSL was the domain of retailers, but now major content sites such as Facebook and Google are pushing for it to be mandatory. Google feels so strongly about this in fact, that they are penalizing sites that do not use TLS by default. This means that we should rise up in our search rankings, which is always great.

We are going to spend about a week of beta testing while we clean up the last of the hardcoded non-secure references on the site, and then we'll transition to mandatory https everywhere.

We are using the LetsEncrypt CA, which is the industry consortium-based free CA. This is set to rotate in 90 days, and it should seamlessly do so without me having to touch it. This might mean it might not work in older Microsoft browsers, but Safari, Firefox, and Chrome are entirely okay.

We are looking for testers! If you see a warning on a page, or a particular utility that you like to use, please message me.

Nerd parts

It's going to take some time to get it optimally working. Ideally the Amazon ELB would be holding the certificate, and it won't matter to any of the underlying applications, but right now we're doing TCP load balancing. This meant that when we're doing mobile stuff more in earnest, things like TLS session resumption will be more hit or miss, because there's two webheads. It also means that there will probably be more load on the webheads when crawlers hit them, so I'll be keeping an eye on it before I open it up to the bots.

All in all, an important milestone for the site. Message me if you have any questions.

Log in or register to write something here or to contact authors.