To All Moderators/Root,

What I have to convey is just 2 of my suggestions...
Can we have
1. https-SSL for Linux Questions.
2. Session time-out feature enabled.

I know that it is complicated/not simple to implement above two things.

Take for example the https with encryption feature: If implemented then we cannot leave out the login page. But in our case we can login from almost every page and hence implementing https encryption will mean that we have https for all those page ie. https for the whole site.

Secondly, I came across this as I left my desk one day without logging out of LQ and when I came the next day I found myself already logged in and I was able to surf/post well. Then I thought of timing the session out for LQ after a certain time of inactivity.

And I know that some might think that having session time out feature for this kind of knowledge sharing site is too much security; then I would suggest a maximum idle time upto 3-6 hrs or so - whatever. That wouldn't be too harsh for LQ users.

Finally I want to thank to all of you for reading this and not minding me talking about such things being a LQ newbie.

Thanks Again.

Cheers!!!

This is already implemented. Every page has both an http:// and a https:// entry - test it on any page you like. As an example: https://www.linuxquestions.org/quest...eature-808274/ - this page. If you are on non-https now, opening that page will show you as logged out.

As to the logout, log out manually, clear your cache and then log in again but make sure that you uncheck "remember me" below the log in.

1 members found this post helpful.

Oops I didn't noticed that, was totally unaware that this site is already using https also.
This thread is simply stupid/silly. But I came to know about this only after posting here. Had I not posted here, how would I come to know abt these things.

Anyway Thanks very much XavierP.

This is the message on the windows with https login
The favicon also does not show the certificate authority.

I'm surprised. Is it true that it goes without encryption???

Also I started facing some problems since I started using https://
The pages gets loaded well no issues but the tab icon still revolves as if the page is still loading and the status bar shows something like
"Transferring data from blah blah!".

I don't think it is usual. I'm using Firefox 3.6.3.

Can you provide the actual URLs that aren't resolving? That may be something Jeremy needs to fix.

There are some elements of the site that are served by domains that do not support https (although the favicon is not one of these), so depending on your browser settings you may see a warning message. I browse the site exclusively via https and do not see the behavior you're seeing.

--jeremy

So Jeremy, does that mean that I can fairly ignore the warning message about the encryption part? Because the favicon part should give the information about the certificate issuing authority while hovering the mouse over it. But it does not.

That is unrelated to the encryption and has to do with the type of certificate being used (OV vs DV).

--jeremy

@the OP:
What could possibility go on LQ that needs encryption?

You never know what may go wrong until it happens. Perhaps this is the reason why encryption has been originally implemented.

Done that but still when I leave the session without logging off and come back the next day to see that the session is already active and I still am able to post. Like this one has been logged in few days back.

Any more suggestions....

I never face this problem. My session usually ends after some time. Not a problem for me. Is it specific to OP?

Then isn't there anything else which I could do to solve "MY" problem??

That's odd. Clearing the cache and logging out should set you back to the login page. IIRC, https should force you to login each time you visit.

My session ends even with http. I do not regularly use https.