Kevin de Bie

Forum Replies Created

Viewing 3 replies - 1 through 3 (of 3 total)
  • Forum: Fixing WordPress
    In reply to: WP Calls HTTPS images on HTTP page.
    Thread Starter Kevin de Bie

    (@alphabootis)

    11 years, 1 month ago

    Yes, because it is an option? ¯\_(ツ)_/¯

    I mean, if you consider that you have to, then you’re the one forcing yourself to do it. 🙂

    Using SSL is just as logical as locking the door of your house when you leave. Not using SSL needlessly increases the potential of someone breaking into your wordpress instance.
    So yes, it is my choice, but I like to have everything properly locked, as should everybody else.

    Forum: Fixing WordPress
    In reply to: WP Calls HTTPS images on HTTP page.
    Thread Starter Kevin de Bie

    (@alphabootis)

    11 years, 1 month ago

    I recommend joining in the discussion at https://core.trac.ww.wp.xz.cn/ticket/32112#comment:23

    I have thanks.

    No one is forcing you to use SSL in the backend, but with regards to buying a certificate, keep your eyes on https://letsencrypt.org/ for some interesting developments.

    You consider not running SSL in the back-end an option?
    To me, anything that transmits any sort of private information, such as passwords, needs to be encrypted. If not it can be intercepted by anyone running something like wireshark somewhere in between you and your wordpress server.

    Forum: Fixing WordPress
    In reply to: WP Calls HTTPS images on HTTP page.
    Thread Starter Kevin de Bie

    (@alphabootis)

    11 years, 1 month ago

    Thanks a lot for these quick and clear replies.
    I definately consider this behavior a bug or at best very unpleasant. I will consider employing some other means of patching this, possibly the suggested htaccess method. The person using this wordpress installation lacks the technical knowhow to understand what is going on here so I dont see how explaining the notepad/replace all solution will make the world a better place. 🙂
    Good to know it is not my webserver somehow fiddling about and this is, in fact, by design.

    Why are the links not relative to begin with? I dont feel this sort of thing should be hard-coded and instead should be interpreted by the vistor’s browser.
    I can see this beeing a headache with multiple domains for example. Also using SSL for the back-end I’m pretty sure is considered best practice, but buying a certificate just for that purpose is definately overkill.

Viewing 3 replies - 1 through 3 (of 3 total)