@justinvelluppillai opened this Issue on April 12th 2022 Contributor

This applies to all api.matomo.org and plugins.matomo.org calls.

  1. First we add a new required system check showing to users if the connection over HTTPS works or not for these endpoints. If it doesn't work, then there should be an error shown explaining that we will soon switch to HTTPS by default. They should either make HTTPS work or disable HTTPS (see next item). We should mention the consequences of not fixing this issue (eventually won't receive any updates anymore big security issue for sure, and using HTTP is a minor security issue that someone could pretend there is no longer an update available)

  2. We introduce a setting to force HTTP instead of HTTPS as some people won't be able to change their PHP either because the hoster doesn't allow it or because they aren't technical enough etc.

  3. Create an FAQ about how to make HTTPS work or disable HTTPS and link to it in the system check error message in 1 above.

@justinvelluppillai commented on May 17th 2022 Contributor

@peterhashair did number 3 get done also regarding creating or updating the FAQs? Be good to link to that in this issue for completeness when done.

This Issue was closed on May 17th 2022
Powered by GitHub Issue Mirror