Making WordPress.org

Opened 3 years ago

Closed 20 months ago

#2308 closed defect (fixed)

wordpressfoundation.org should support HTTPS

Reported by: SergeyBiryukov Owned by:
Milestone: Priority: normal
Component: SSL Keywords:


With the move toward SSL, seems like wordpressfoundation.org should support HTTPS, like wordpress.org already does.

At the moment, I get a NET::ERR_CERT_COMMON_NAME_INVALID error in Chrome:

This server could not prove that it is wordpressfoundation.org; its security certificate is from marx.multipattern.com. This may be caused by a misconfiguration or an attacker intercepting your connection.

Change History (4)

#1 @obenland
23 months ago

  • Keywords close added

It looks like that was fixed?

#2 @iandunn
23 months ago

It has a certificate now, it just doesn't redirect HTTP -> HTTPS.

I think that'd be be good to do, especially since we're now using Stripe embeds on the Donate page. Those are encrypted due to the way they're implemented, but it doesn't appear that way to the average user.

#3 @dd32
22 months ago

  • Component changed from General to SSL
  • Keywords close removed

#4 @ocean90
20 months ago

  • Resolution set to fixed
  • Status changed from new to closed
curl -I 'http://wordpressfoundation.org'
HTTP/1.1 301 Moved Permanently
Date: Sun, 11 Feb 2018 13:23:48 GMT
Server: Apache
X-Powered-By: PHP/5.6.33
X-Redirect-By: WordPress
Upgrade: h2,h2c
Connection: Upgrade
Location: https://wordpressfoundation.org/
Content-Type: text/html; charset=UTF-8
Note: See TracTickets for help on using tickets.