Nice, tried the link and they couldn’t even set up https. Their target base won’t even be able to type that link out lol.
One random thing that really annoys me is that the site http://shakespeare.mit.edu does not properly forward http requests to https although they have an https version of the site.
Funniest thing I’ve ever seen is the docs for Nginx do the same, no http to https redirection. I mean, you would hope that the maintainers for the biggest web server in the world would be able to manage that but somehow… No they don’t.
Apache tomcat had a stupid security issue. I recently did a HackTheBox about it. Here’s a write-up of the box https://medium.com/ctf-writeups/hack-the-box-jerry-write-up-6f045601315f
Don’t you just need to toss an “.htaccess” file in the root?
No, an .htaccess file is specific to Apache HTTP Server… although some other web servers have integrated the format. However, most browsers now automatically redirect when an HTTPS version exists.
Neat, a potential FCC violation. I don’t know if this violates the advertisement disclosure requirement for political ads, but I bet someone at the FCC does.
I’m just going to leave this handy dandy FCC complaint form here. Don’t mind me.
Feeling cute, thought I’d submit a possible violation to the FCC, might submit more later, idk