Https for the site?

As of right now, the Discourse installation isn't running on an https-enabled server (and Chrome gets mad, especially when the HTTPS Everywhere extension tries to redirect the site to the non-existent secure version). It's not collecting tons of personal information, but the site still collects passwords and should probably have https enabled.


Ooh and I can dbl like as an anonymous user.

Given the somewhat sensitive nature of data science in various organizations — including US gov departments — TLS/SSL has to the only accepted way of sign-in and, heh, discourse.

Also: Chrome is going to really light a fire on login dialogues that aren't SSL'd, soon.

The site also uses Discourse CDN and it would be much safer for individuals re:tracking if it was all local.


Working on enabling SSL now


I was as well...They said it was a checkbox to enable?

Seems to be working now!


A checkbox and some more $$$

The logo image is still not secure at the moment: Should use https.

Aye. Still getting mixed content warnings on my end. It's likely a quick template URL resource tweak.

user profile JSON is SSL'd and limited to logged-in users, so :+1: on that front and the rest of the hosted discourse and back-end Proinity CDN (which they use behind the scenes) seem :+1: as well (no mal-history as well).

Should be fixed now (at least I don't see any problems when I open in chrome)

Yep, @Bill has fixed it.