-
Notifications
You must be signed in to change notification settings - Fork 168
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Druid project website is not secure #372
Comments
This is because it is hosted on github pages, which doesn't support https for custom domains: https://help.github.com/articles/securing-your-github-pages-site-with-https/. Fwiw http://static.druid.io/ (where we release artifacts) doesn't support https either, since it's hosted on S3 which also doesn't support https for custom domains. CloudFront does though. At Imply we moved https://imply.io/ from github pages to self hosting on EC2, and https://static.imply.io/ from S3 to CloudFront so we could support https on both. We'd happy to help out with migrating druid.io and static.druid.io as well. That could just mean sharing what we did to migrate our domains, but we would also be happy to do the work ourselves and donate the servers and bandwidth for hosting. |
Some notes on what should work for the two druid.io domains, based on what worked for us: static.druid.io
This procedure is pretty straightforward, so we might as well do it first. This domain hosts our release artifacts, so that'll at least give people confidence that the distribution is being downloaded securely. druid.io
Some reasons we might want to not choose CloudFront for druid.io:
The reason in favor of CloudFront is obvious, it's simpler than setting up EC2 instances. |
Github now supports SSL for github pages with custom domains: |
Attempting to reference pages of the website using https:// will fail. Example:
datasketches-aggregators
Many corporations are now requiring browsers automatically block non-secure sites.
I suggest the Druid team place a priority on getting this fixed.
The text was updated successfully, but these errors were encountered: