We're a low-profile community with low-value contents and low-risk but especially in these times malevolent hacks and mismanagement is always a concern. It is possible for snoopers to gain anything from pages visited to login details, as well as attachments and post contents from the HoW and Private Messages. Only our admins should be trusted with private data held on our server....and court warrants issued for serious crime agencies....but I doubt we'll ever have that, hopefully. The main thing is to keep logins safe and provide assurance to members old and new.
- We'll have an official third-party verified SSL certificate for authenticity to reassure visitors.
- All web data (from post/get requests to website media contents) between the web-server and your web-browser will be sufficiently encrypted.
- The protected data between cannot be edited easily (if at all) or faked, so for example ISP's can't filter particular web content and malware and adverts can't be injected in man-in-the-middle attacks.
Q: What would I need to do afterwards?
A: Nothing really, when accessing http://www.acegamersnetwork.com your browser should be redirected to https instead of http. Everything else should appear normal although it may alert you to the new certificate. However due to a cookie setting change, you may get logged out again or see some "invalidated" message.
Q: Should I change my password?
A: You probably don't need to, but it is recommended if you've used insecure connections before. It doesn't hurt to change it anyway.
Q: Does that mean you can't see what we've been up to here?
A: No. HTTPS only encrypts and decrypts data being exchanged between the web-server daemon/process and your browser application, basically. It wouldn't even make sense to store access logs with the encrypted form of the URL requested, for example. Temporary SSL/TLS keys issued for each session aren't stored to disk and don't need to. Only captured packets can't be fully interpreted by unauthorised parties.
Q: Will this allow me to bypass blocks/bans, like school firewalls?
A: Not really. Lower level protocols like IP headers aren't encrypted (imagine a post sorting office trying to deliver something with an unusable address!), only the application layer protocol HTTP which includes the URL requested, HTML, images and other web contents. They can tell what IP address you're engaging with and perhaps the domain name (at least via DNS) as well as tell you're encrypted with the particular certificate. You'll probably find you still can't even reach us.
Q: Does this mean AGN's going commercial?
A: No. Donations aren't ruled out for the future but they'll be handled by something like PayPal. No adverts either. We'll reward members for loyalty and achievements, and for having fun.
Q: Does this mean I can login and stuff from public wifi and phones and stuff?
A: Pretty much. We recommend you minimise that though, especially those with any staff privileges, but it would mean the most crucial data in transit is protected....enough. Please stick to strongly encrypted wireless networks though. And stuff.
Q: Me browser won't work!
A: Update it, or use a better one. Make sure TLS and SSL is enabled and any firewalls aren't blocking port 443.
Q: This'll hide referrals from embedded images, hyperlinks and YouTube vids and such right?
A: Only to insecure locations. The admins of another secured host will still see the referrer, requested URL, IPA and browser info in their logs because your browser makes a separate connection to their server and fetches the resource and supplies a ref independently. It is doable to configure your browser or use an extension to override this though if you're that concerned.
Q: Does this include your game servers?
A: No, only the website. AGNIM will also not be covered by it (except if the client interacts with the site) however it'll have it's own encryption for exchanging logins details and more.
I may begin at some point tomorrow at the earliest, during which you may experience brief website outages.
Update: Done! Let me know if you have any problems.