Return to Project-GC

Welcome to Project-GC Q&A. Ask questions and get answers from other Project-GC users.

If you get a good answer, click the checkbox on the left to select it as the best answer.

Upvote answers or questions that have helped you.

If you don't get clear answers, edit your question to make it clearer.

+10 votes
For security for both project-gc and its users, I recommend forcing https for

For a good talk about the issue:

Talk is from Google I/O 2016
closed with the note: Old question, fixed now
in Feature requests by kro8 (220 points)
closed by kro8
great idea, I'm voting for it! does not need a certificate from letsencrypt, it has one from Comodo already. If you just write in https:// instead of http:// you will be served the https version of project-gc. There will be quite a number of insecure (unencrypted) elements on the page, but the page itself will be encrypted.
If you look at my suggestion one more time, you will see that it I wrote: "forcing https for".

Using Letsencrypt was a suggestion.
@kro8: Yes, I am aware that forcing https was your suggestion. If you look at my comment one more time you can see that I am not commenting on that part. I am merely pointing out that project-gc already has a TLS certificate from Comodo.
This is an old question from 2016
Thanks for closing it.

2 Answers

+2 votes
Project GC is using only HTTPS for some years now.
by Jakuje (Moderator) (116k points)
0 votes
I'm not able to open PGC with http. On no device.

It isn't possible, it always forces HTTPS.

Which Browser allows you to connect unencrypted and what's the version?
by Onkel Benny (3.5k points)
This does not answer the question.
I think I do.

I explained that today with actual browsers it isn't possible to establish a http connection to PGC.

Additionally I personally offered the support to test the scenario with the users browser. So I had to ask for the browser and version.

I was not aware that you opend a 4 year old post while writing the topic ist also solved for some years...

My Vote Up for your post isn't worth in this case.
Unfortunately I can't withdraw it :(

But I'll Vote up the Question of kro8 because of the very good suggestion and sensitization of the http/s topic! Thanks!
That's part of answering to understand the question. If you end your answer with question mark, it is a good candidate for a comment.
Yes, it is 4 years old from the time when pgc was accessible only through http (or also ... not sure now). I noticed it during reviewing of the unanswered list (for the outdated checker requests) and as it is something that was solved and is relevant also today so I decided to remove it with answer rather than leave it there for more years or close it completely. If you do not like it, please suggest a better way.