Making WordPress.org

Opened 18 months ago

Closed 3 months ago

#2308 closed defect (fixed)

wordpressfoundation.org should support HTTPS

Reported by: SergeyBiryukov Owned by:
Milestone: Priority: normal
Component: SSL Keywords:


With the move toward SSL, seems like wordpressfoundation.org should support HTTPS, like wordpress.org already does.

At the moment, I get a NET::ERR_CERT_COMMON_NAME_INVALID error in Chrome:

This server could not prove that it is wordpressfoundation.org; its security certificate is from marx.multipattern.com. This may be caused by a misconfiguration or an attacker intercepting your connection.

Change History (4)

#1 @obenland
6 months ago

  • Keywords close added

It looks like that was fixed?

#2 @iandunn
6 months ago

It has a certificate now, it just doesn't redirect HTTP -> HTTPS.

I think that'd be be good to do, especially since we're now using Stripe embeds on the Donate page. Those are encrypted due to the way they're implemented, but it doesn't appear that way to the average user.

#3 @dd32
4 months ago

  • Component changed from General to SSL
  • Keywords close removed

#4 @ocean90
3 months ago

  • Resolution set to fixed
  • Status changed from new to closed
curl -I 'http://wordpressfoundation.org'
HTTP/1.1 301 Moved Permanently
Date: Sun, 11 Feb 2018 13:23:48 GMT
Server: Apache
X-Powered-By: PHP/5.6.33
X-Redirect-By: WordPress
Upgrade: h2,h2c
Connection: Upgrade
Location: https://wordpressfoundation.org/
Content-Type: text/html; charset=UTF-8
Note: See TracTickets for help on using tickets.