[Annoucement] dotTech now has secure logins and a mobile version

Hey dotTechies,

Earlier today I made an announcement about some potential downtime while I make some changes to dotTech. Well the changes have been made and hopefully almost no one had any downtime. This announcement is intended to inform everyone about the new improvements made to dotTech.

Mobile Version

It has been a long time coming but it is finally here – a mobile version of dotTech. Well, technically speaking, dotTech did have a mobile version for a short amount of time over the summer. However, I had made many custom modifications to it; then later I updated the script and forgot all my custom modifications would be lost. Once my custom modifications were lost I disabled the mobile version.

Anyway, the mobile version of dotTech is back. It is a fully functional dotTech in mobile form. To use the mobile version, all you have to do is visit http://dottech.org on a mobile device – smartphone or tablet – and the mobile version will be automatically loaded for you. If you prefer to use the desktop version of dotTech on your mobile device, scrolling to the bottom of any page on the mobile version of dotTech allows you to disable the mobile version.

The mobile version works on all major smartphone and tablet platforms (Android, iOS, BlackBerry, Windows Phone 7, Bada OS, WebOS, Symbian, etc.). Yes, that includes the iPhone and iPad. If you find you own a smartphone or tablet that the mobile version of dotTech does not work on, please let me know so I can fix it.

Secure Logins

Prior to today all logins on dotTech were conducted over HTTP, i.e. non-encrypted logins. For a blog, not having secure logins isn’t a big deal. After all, your login information on a blog (that you aren’t an administrator of) isn’t very important; you shouldn’t be using the same username and password as your important logins so even if your blog login gets hacked it isn’t a big deal. (If you are using the same username and password for dotTech as your important logins, you need to read dotTech’s advice about tiered logins.) The issue was that at times I found myself using unsecure WiFi networks; and as an administrator of dotTech, it is critical to ensure the safety of my login credentials. So I recently decided it is time to setup secure logins for dotTech.

For setting up logins over HTTPS I had two options. The first option was using self-generated SSL certificates. The advantage of self-generated SSL certificates is they are free and still provide secure logins. The disadvantage, however, is no browser accepts self-generated SSL certificates — all browsers display a warning to users that they may be visiting an unsecured page because the certificate is not recognized/accepted. So if I went with self-generated SSL certificates I would have secure logins without having to pay anything but I would risk scaring away dotTechies.

The second option was purchasing a SSL certificate from a leading SSL certificate authority. This would obviously cost me money but would ensure users don’t get any sort of warning when logging in.

I decided to go with the second option.

I did my research and ended up purchasing a SSL certificate from PositiveSSL, a Comodo company. Now I know I have had a run in with Comodo in the past. However, Comodo is one of the leading and most trusted SSL certificate authorities in the world so I felt secure purchasing from them. Plus, frankly speaking, I got a good deal for the first year. I may switch to a different certificate authority in an year’s time — depends on if I am happy with Comodo or not. If I do end up switching, it will only be a back-end change and will have absolute no affect on dotTech or dotTechies.

The earlier post about potential downtime is actually because of this SSL certificate. I had to make some DNS changes to dotTech to ensure the SSL certificate would work properly. DNS changes can cause downtime because it takes time to propogate the DNS change around the world. Luckily I picked up a few tricks from past experiences regarding making DNS changes so I was able to make the DNS change with little to no downtime.

Anyway, the point of this whole spiel is to say all logins and new registrations on dotTech are now done over a secure connection. This includes logging in from anywhere on dotTech — including the forums and mobile version of dotTech. This does not include e-mail notifications, the contact Ashraf form, or the tip us form because e-mail addresses/contact and tip forms are not considered critical data and there is no need to secure that data transfer.

At this moment in time I have disabled viewing dotTech articles in HTTPS simply because HTTPS causes extra load on the server; and there is absolute no need to be reading a blog in HTTPS. This means viewing articles and submitting comments won’t be over HTTPS. (Take note if you logged into dotTech prior to posting a comment or reading an article your login was done securely, i.e. username and password are safe.)

Other Changes

Aside from the above two major improvements to dotTech, there are some others changes, too:

  • The button on the bottom-right of dotTech that used to take you to the top of the page is no longer available. The button was breaking secure connections and thus I have disabled it. I am looking into bringing in a different button and/or fixing the button to not appear on secure pages.
  • The script that is used to allow dotTechies to receive e-mails when a new comment is posted on an article has been updated. Now it is easier than ever to manage your comment e-mail subscriptions. Simply click on the Manage your subscriptions link located at the end of each e-mail notification you receive…

…and you will be allowed to modify your subscriptions:

In addition to the revamped subscription management, you can now easily subscribe to receive e-mails when a new comment is posted on an article without ever commenting the article. To do this simply click on the subscribe to comments via e-mail without commenting link at the bottom of the comment form…

…enter your e-mail address and you are good to go.

Oh, and yes I now have the ability to make the checkbox for subscribing to follow-up comments via e-mail be checked by default. However, I am not going to enable this because I know for a fact subscribing people to follow-up comments by default would drive most people mad and probably push them to hunt me down with a pitchfork. I like my eyeballs, thank you very much.


If you encounter any bugs regarding the new changes (mobile version, secure logins, or new comments e-mail subscription system) please let me know so I can fix them. You can drop me an e-mail or post a comment below.

That is all for now. If I make any more major changes to dotTech I will be sure to let everyone know. Feel free to reflect on these new changes in the comments below.

Thanks everyone!

Related Posts

  • Ashraf

    @Frank: You are welcome! However, I don’t understand your request to include HTTPS in e-mail alerts. The HTTPS on dotTech is only for logging in or registering. Visiting articles or reading comments does not need nor does it involve HTTPS. As far as I remember I don’t send logging in or registration links via e-mail; however, even if I do, all HTTP requests for logging in and registering are automatically redirected to HTTPS. So no worries. :-)

  • Frank

    Dear Ashraf,
    many thanks!
    But how about sending email alerts /w https links in the future then? Many people just click the links in your mail and are still using unsecured http…

    Yours, Frank

  • Ashraf

    @jayesstee: It is cool; no need to apologize so much.

    @jockovonred: Glad you approve. :-)

    @Daniel: Sorry I can’t share that information — security issues.

  • Daniel


    Just wondering, what script are you running for the email thing?

    Thankyou :)

  • jockovonred

    thumbs up!

  • jayesstee

    @Ashraf: Whoops! Sorry Ashraf, I “skim-read” your article, pausing only to read your warnings about log-ins and passwords in full. I missed your “other changes” paragraph. Again sorry, I will try harder in future. :=(

  • Ashraf

    @anonymail: You are welcome!

    @Jimmy: Cool, thanks for confirming.

    @jayesstee: Yeah, I mentioned it in the article. :-P Thanks for the compliment!

  • jayesstee

    “Up Arrow” button has gone walk-about again. Swap you the “Share” button for “Up” and “Down” button(s)?
    Seriously though, it’s good to know about all the improvements. Good work!

  • Jimmy

    Works on HTC Wildfire

  • anonymail

    Works perfectly on my Nook Color! Thanks!
    Now I can see whats going on while my husband is hogging the pc.

  • Ashraf

    @mukhi: Thank you for confirming that. It was the Nokia Symbian/Maemo devices that I was worried about the most.

  • mukhi

    cool update, i love dottech, good to know that now my nokia n8 can see it! thanks!!!

  • Ashraf

    @PCbasics: Thanks for confirming. :-)

  • PCbasics


  • Ashraf

    @Tortuga: Can you test it on your TP now?

  • Ashraf

    @Torymon: Thanks for the confirmation! And glad you like it. :-)

    @Tortuga: Odd. I have it set for webOS user agent. I will look into it further for the TouchPad and get back to you.

    Yes these cost money but, really, don’t worry about donations. Enough advertising revenue comes in to cover these small costs. I’m even thinking about removing the donation links altogether. Thanks for the thought though!

  • Tortuga

    Hi Ash!

    Thanks for the improvements, even though I see no difference btwn before & after … :O on my HP TP.
    But if it is more secure, great!

    N.B.: If these cost money, maybe it wd be a good time to remind everybody that donations are appreciated ;-)
    I will be sending a little something later this week!

  • Torymon

    Looks good Motorola ATRIX 4G!!! Great job!

  • Ashraf

    @MikeFromMarkham: Thanks for the confirmation! And I’m glad you enjoy dotTech. :-) Thanks for the support!

    @PCbasics: Bloody iPad making my life difficult. Lmao, jk. It appears I accidentally broke iPad support in a recent change I made. Oops. I have now fixed it. Please confirm.

  • PCbasics

    Mobile site use to be working…..but it isn’t right now on my ipad

  • MikeFromMarkham

    Mobile site is looking good on my LG Optimus Black. Nice to see one of my favourite sites just keeps getting better!