Press "Enter" to skip to content


Just checking in to ensure that the blog and comments are still working for everybody after some fixes this morning.

I got an email from Freedom Feen MWD, warning me that, on the Chrome browser at least, all HTTP sites will soon be labeled “insecure” — which, he notes, is a good development. But which will also discourage people from visiting those sites.

I thought both the blog and were set up for HTTPS. But while the Cabal was properly showing that “s” in its address line, not so with the blog.

Turned out we had a twofold problem. Bear Bussjaeger checked and discovered that the SSL certificate for the blog site was present but had somehow ended up uninstalled. And MWD found a WordPress issue and guided me through a fix for that.

So, thanks to Bear and MWD … when you come to this blog, you should now see HTTPS in the address line AND you should not get any “insecure” messages if you attempt to log in.

It’s working that way for me. But we’ve had certificate issues before. Now, is all well and good for you guys?


  1. jc2k
    jc2k February 21, 2018 11:06 am

    Looks good from here.

  2. rochester_veteran
    rochester_veteran February 21, 2018 11:52 am

    It’s working for me, Claire, and I’m using Chrome.

    My web forum uses a self-signed certificate and that makes Chrome throw the “Unsecured site” error, even though it is https, but all of my regulars know of this and all you have to do is click the “Advanced” link and click that it’s OK to go there and login.

  3. Pat
    Pat February 21, 2018 12:13 pm

    Firefox here.
    The -s has been missing for some time, but as you had said the blog and cabal were handled differently (the blog being open to all), I assumed the -s didn’t exist on the blog. It is now present.

  4. Claire
    Claire February 21, 2018 12:56 pm

    Thanks for the input, guys. I’m glad to know the new fixes didn’t break anything.

    Pat’s right that for blog reading alone, the “s” isn’t vital. However, it should have been there for logging in and for general site security (e.g. making sure that nobody could hack the site and change my donation address to theirs!).

    I’m still puzzling over how the SSL certificate — which I know we had — came uninstalled. That’s not a happy thing and will require watchfulness in the future. But for now it’s good to know we’re good.

  5. jed
    jed February 21, 2018 1:21 pm

    I suppose I’m among the rare contrarians who isn’t joyful about Google’s heavy-handed flogging of “insecure” sites. Neither of the two sites I manage has any personal info, certainly no CC or other sensitive data. On top of that, the admin interfaces run over HTTPS through the hosting companies’ domains. So I’m hoping I don’t get any squawking about it.

  6. fred
    fred February 21, 2018 1:36 pm

    Firefox shows the ‘s’ ,also says parts of this page are not secure(such as images).I have no idea what that means,but HP,Linux and fred are here. 🙂

  7. ~Qjay
    ~Qjay February 21, 2018 1:40 pm

    It seems good in Google

  8. Shel
    Shel February 21, 2018 2:37 pm

    I never was aware of any problem using Firefox on Apple products.

  9. Claire
    Claire February 21, 2018 3:48 pm

    Contrarian jed — Is anybody joyful about it? It’s being done by Google, after all. It’s a heavy-handed way to deal with a problem. Although they’re correct to flag http sites as “insecure,” most people surfing the web probably have no idea what that implies and will just think it means “run like hell.”

    It will thus give Google even more control than it already has over what sites people see. MWD, who sent me the original link, foresees this as a way to push freedomista sites farther from view than they already are. The move obviously benefits larger sites with more tech-savvy ownership over small, independent sites.

    Then there’s the fact that while http does imply “insecure,” https doesn’t absolutely guarantee “secure,” but may give a false sense of confidence.

    Joyful? I don’t think so.

  10. Mike
    Mike February 21, 2018 4:16 pm

    Looking good…

  11. DistOne
    DistOne February 21, 2018 7:19 pm

    Checked both here and the Cabal. Everything looks good. Glad you said something. I was worried when I couldn’t load the site this morning.

  12. MamaLiberty
    MamaLiberty February 22, 2018 3:59 am

    No problems here with firefox. 🙂

  13. Joel
    Joel February 22, 2018 5:48 am

    Same here, works fine.

  14. larryarnold
    larryarnold February 22, 2018 6:00 am


    I guess that means I’ll have to get into certificates and such for my site, even though it’s straight HTML.

  15. Claire
    Claire February 22, 2018 6:54 am

    Scott — Thank you for spotting that. Sounds like a fairly easy fix for me — but also as if it could get tricky for a lot of small sites to fix their (truly insignificant or nonexistent) security issues.

    And thank you all for the continuing feedback.

  16. jed
    jed February 22, 2018 8:43 am

    The general vibe I get reading various places around the web is that many are quite enthusiastic about it. As you note, MWD calls it “a good development”. But I disagree. A blanket labeling of all sites not using https as “insecure” is overkill and even misleading. Perhaps there’s something I’m missing. Particularly for sites which are only pushing information out, I have to ask what attack vectors are available via http which would be closed via https. I’m all in favor of https for Amazon, my bank, etc., particularly now with people using their phones and connecting over whatever WiFi happens to be available. But as you note, this benefits larger sites over smaller ones, and enhances Google’s position as a gatekeeper. (However, I’m sure that Firefox will follow suit.)

    I suppose there’s an element here of my just being a little cranky at the thought of possibly being forced into spending time implementing a site certificate, etc., for the sites I manage, with zero real risk mitigation. I haven’t even looked around at for whether they make it easy.

    The images served over http are a red herring, but I guess worth fixing since it’ll stop browswers from throwing up irrelevant warnings.

  17. Claire
    Claire February 22, 2018 12:06 pm

    “a good development”

    I should clarify that that was my paraphrase, not his exact words. In fact, he’s concerned about some of the same things you and I are and it was he who raised the idea that this move by Google might push small freedom sites farther out of sight.

    I think he meant something more like, “it’s accurate to label http sites as insecure.” “Good” was probably a leap.

Leave a Reply