We are very excited to offer HTTPS web hosting to all projects. With a single click, projects can opt-in to switch their web hosting from http://name.sourceforge.net to https://name.sourceforge.io Project admins can find this option in the Admin page, under “HTTPS”, naturally 🙂
When a project switches over to HTTPS, the old domain will redirect, so no traffic will be lost or links broken. However, some configuration updates may be necessary if your site contains HTTP references (scripts, image tags, etc). See here for a guide to managing those changes.
This is just one step of many in our continued effort to improve security throughout SourceForge. See our Site News section for a comprehensive list of SourceForge improvements including recent past announcements about multifactor authentication, virus scanning, and more.
Why was it necessary to use a different top-level domain for the https project websites?
The different domain is to make sure project website cookies are kept completely separate from the sourceforge.net main site cookies.
good to see goodies like this poppin up from time to time. thanx!
PS: Diffin between tags would be nice to see..
Have a nice Day, Thorsten
Some browsers only support 128-bit AES instead of 256-bit. Perhaps consider adding this to the cipher list so these browsers don’t fall back to Triple-DES and slow down your servers, and potentially be vulnerable to SWEET32?