Submit site to Chrome's HSTS preload list #53
Comments
|
Yes, also there are mixed content errors on the HTTPS version of the site (press For what it's worth, my strategy these days is to put everything behind CDNs, which then handle all the SSL/TLS stuff for me with very minimal setup. All my sites are HTTPS-only. I currently use CloudFront (which is dirt-cheap) for most things and Cloudflare for other things, which is free if you're ok with the limitations of their free SSL/TLS (else it's 5$ or 10$ a month for a "dedicated" certificate) and is quite a bit easier to setup. (I would move everything to Cloudflare if they had "proper" free certificates.) Hope this helps. |
|
@Hexstream I believe the mixed content errors can be fixed by simply adding the "s" to those links in the source code of the site. Both offer HTTPS versions. Although the Yahoo one appears to be down. For a small site like this, editing the server configuration to always redirect to HTTPS should not take more than an hour. |
|
Thanks. We will come back to this after the ongoing site revamp is done. |
|
Looking forward to the site revamp! (btw, regarding my previous comment, now all my sites are 100% on DigitalOcean through Cloudflare.) |
|
Is this still a relevant thing to do? We now have site updates going out again, and the site is hosted on GitHub Pages with DNS configured at Cloudflare. So we ought to be able to achieve whatever is useful to do here. |
|
Yes, in 2024 enabling HSTS then submitting to the HSTS preload list is a trivial matter and a complete no-brainer for an already HTTPS-compliant and Cloudflare-using website such as unlicense.org. (There is no point in supporting HTTP other than as a redirect to HTTPS anyway...) Note that 100% of my web infrastructure is now on Cloudflare, which I highly recommend! |
It would be nice if the HTTP version of unlicense.org redirected to HTTPS and all the requirements in https://hstspreload.org/ were met so it can be submitted.
The text was updated successfully, but these errors were encountered: