Adblock Plus and (a little) more

Better SSL support on adblockplus.org · 2013-07-08 12:55 by Wladimir Palant

This website has been supporting SSL encryption for a while now. However, normally both HTTP and HTTPS access were allowed, with exception of some parts of the website. This was mainly because of the weak server powering that website. Now that this server is gone this could finally change: adblockplus.org is an HTTPS only website now — for better security and privacy.

All accesses http://adblockplus.org/ will be redirected to the encrypted version automatically, and we’ve enabled HTTP Strict Transport Security to ensure that the browser doesn’t even go to the unencrypted version in future. In addition, we’ve enabled SPDY support on the website so that it should load faster now.

Tags:

Comment [7]

  1. Sebastian · 2013-07-08 17:29 · #

    Hello,

    privacy is great?

    Was the https-only mode enabled to secure your servers against angry users who felt abused by your scandal?

    I mean the one written about on http://www.digitaltrends.com/web/adblock-plus-accused-of-shaking-down-websites/ (english) which was revealed by the blogger of http://www.mobilegeeks.com .

    Greetings,
    Sebastian from Bavaria
    (Please do not edit, delete or hide my comment as it is a legitimate question)

    Reply from Wladimir Palant:

    Normally I am removing off-topic comments because they tend to stifle constructive discussion in the blog post. But in that case I guess I’ll comply with your wish and leave your comment standing in all its cluelessness – I came too late and other people already replied to your comment.

    So, “angry users” are behind the criminal actions aimed at keeping our counterstatement unreachable during a FUD campaign against Adblock Plus? Yes, this is totally plausible :-)

  2. Torpor · 2013-07-08 23:15 · #

    Re: Sebastian,
    HTTPS protects visitors of a website. It does not protect the website against DoS attacks.

  3. Mxx · 2013-07-15 03:35 · #

    This is great, but you could work a bit on improving SSL support. See results here: https://www.ssllabs.com/ssltest/analyze.html?d=https%3A%2F%2Fadblockplus.org

  4. Thomas · 2013-07-18 02:56 · #

    This is a good guide to perfect your SSL deployment:
    https://www.ssllabs.com/downloads/SSL_TLS_Deployment_Best_Practices_1.2.pdf

  5. Drago · 2013-07-27 21:51 · #

    Sebastian,

    Deine Frage strahlt so viel Inkompentenz, dass es für mich kein Wunder ist, dass du den Unfug aus den genannten Artikeln glaubst…

    Nun bitte zurück zum Kühe Melken :)

  6. Famlam · 2013-07-31 14:14 · #

    The search on your website is still http, so you get a warning about sending https content to a http website. Perhaps this one can be set to https too?

    (just a matter of updating the ‘action’ attribute of that form field I guess)

    Reply from Wladimir Palant:

    Thank you, fixed this (that change should become visible everywhere within two hours).

  7. Patricia Quintanilla · 2013-08-09 00:23 · #

    Re: Shared.com
    Sent: Fri Aug 02, 2013 9:59 pm
    From: Patito
    To: Wladimir Palant

    Hi Waldimir,

    Thanks for your response but I am still curious.

    How can the “typo correction feature” message be removed as Shared.com is a separate website and entity? The current message takes away from our brand equity and hinders brand trust leading users to bounce from our site immediately after seeing it.

    We will be happy to furnish any business and/or legal documents.

    Thank you.

Commenting is closed for this article.