Not so good. I was immediately called on it by one of my list subscribers, using my own words! Can I just say how much I love you guys for actually paying attention? People on my mailing list rule.
I considered emailing out an abject apology and hoping I never did it again, until it hit me…
“Hey, wait! I should never allow insecure links to that from anybody. Can’t I just force it https?”
Yup. Here’s what I used:
1 2 3
That’s not as good as redirecting to https directly in NGinX, which I may also do. But it’s a great quick fix, and it makes sure that the mistake will be fixed if it happens again.