Making WordPress.org

Opened 5 years ago

Closed 4 years ago

#2308 closed defect (fixed)

wordpressfoundation.org should support HTTPS

Reported by: SergeyBiryukov Owned by:
Milestone: Priority: normal
Component: SSL Keywords:


With the move toward SSL, seems like wordpressfoundation.org should support HTTPS, like wordpress.org already does.

At the moment, I get a NET::ERR_CERT_COMMON_NAME_INVALID error in Chrome:

This server could not prove that it is wordpressfoundation.org; its security certificate is from marx.multipattern.com. This may be caused by a misconfiguration or an attacker intercepting your connection.

Change History (4)

#1 @obenland
4 years ago

  • Keywords close added

It looks like that was fixed?

#2 @iandunn
4 years ago

It has a certificate now, it just doesn't redirect HTTP -> HTTPS.

I think that'd be be good to do, especially since we're now using Stripe embeds on the Donate page. Those are encrypted due to the way they're implemented, but it doesn't appear that way to the average user.

#3 @dd32
4 years ago

  • Component changed from General to SSL
  • Keywords close removed

#4 @ocean90
4 years ago

  • Resolution set to fixed
  • Status changed from new to closed
curl -I 'http://wordpressfoundation.org'
HTTP/1.1 301 Moved Permanently
Date: Sun, 11 Feb 2018 13:23:48 GMT
Server: Apache
X-Powered-By: PHP/5.6.33
X-Redirect-By: WordPress
Upgrade: h2,h2c
Connection: Upgrade
Location: https://wordpressfoundation.org/
Content-Type: text/html; charset=UTF-8
Note: See TracTickets for help on using tickets.