PonyCrush Suggestions

I tried loading the site over HTTPS only to be very disappointed that the site serves a cert, but a totally wrong cert that suggest the host is issuing visual hosts (eg the site is using a shared operating system and httpd stack)

I would like HTTP (SSL) enabled on this site, so I can trust the authenticity of content server by the site. (Coffee shop routers can inject advertisements into pain HTTP connections via mitm attacks, for example, isp's can do the same with shitty scare pop-ups)

Free trusted certs can be obtained via letsencrypt

I would like HTTP to HTTPS protocol elevation a standard on this site, this can be done with a simple HTTP 301/302 to the HTTPS URL.

And finally I would like to see the HSTS (HTTP stickt transport security) header added to prohibit accidental protocol degrading

---

I would prefer the housing service be moved off the shared host it currently uses to a dedicated host, I don't trust that other php developers won't inadvertantly harm this site, either by mistake or maliciously.

Thanks for your consideration. These technical smudges do dissuade me from considering donating seriously.

It's on my list, but it costs. I'll look into Let's Encrypt thoguh. Thanks.

Also, the site is not on shared hosting. It's on its own server I maintain, with a couple other sites I maintain. I use virtual hosts, but its a bit more robust than httpd. It's NGINX. I'll check my configs for the SSL defaulting....

Edit: So I thought... What the hell. I'll crank this out tonight. Should be working now.

Thank you much! I feel much more reassured <3

No problem. Thanks for the suggestions.