[Suggestion] HTTPS on subdomains



So, a while ago Codecademy added HTTPS for the site, which was great, but there are a few subdomains that still don't support HTTPS. It's not a big deal if someone grabs my account credentials and does a course for me or something, but if they start spamming the forums with my account, that could be pretty bad. Could Codecademy please add HTTPS and HSTS for http://discuss.codecademy.com and http://discuss-cdn.codecademy.com?


And just for fun, instead of having to use the :heart: button or replying below to show you want this, here's a poll:

  • I want HTTPS and HSTS on Codecademy subdomains
  • I want Codecademy subdomains to keep using HTTP
  • I don't care.



Ryan confirmed via a direct message the other day he/the team will be working on this soon:

So it probably won't be very much longer before these forums are on SSL!


Any news about this?


@rugk Thanks for asking! Unfortunately, not yet :confused: I'll check with Ryan and let you know once I hear anything again, though :)


Thanks. Any news from @ryan?


Unfortunately not yet :confused: I'll update update here again once I hear from him or someone else on the Codecademy team.



Any news on this? I think that with Firefox moving towards marking pages like these forums as clearly insecure, rather than just as a normal page, this should be a priority (although really, a little icon shouldn’t be your main reason for doing this ;))

- Login Forms over HTTPS, Please


@rugk @amanuel2 News on this! Ryan is working on it, and you can now use these forums over HTTPS :tada: :slight_smile:
I have a feeling there's more happening, so that soon these forums will default to HTTPS, but this is good so far :slight_smile:


Nice. So only a redirect to the HTTPS version by default and the secure cookies flag would be nice...


This discussion is moot. The change to https was completed long ago. Just look at the location bar.

Topic closed.