Hi there, I wasn’t sure what area this should go in but I suggest that you please move this forum to HTTPS only and upgrade the SSL certificate so that it is valid.
By default browsers will use non-HTTPS and because the domain eyes-on.com is the same domain as people’s eyes-on accounts, people will accidentally enter their security system credentials when they actually have separate credentials for the forum. This is what I did, before I realized it was separate. Which means your account t username and password are transmitted in an insecure channel over the WiFi, Internet, etc. After I realized my error and created a forum account I updated my security system account password.
Forum should use HTTPS
Moderators: EyezOnRich, GrandWizard
Re: Forum should use HTTPS
Agreed, a certificate on the forum is a good idea, especially given the browser warnings and flags when using non-HTTPS pages.
It shouldn't take much effort or cost to add another SAN to the main eyezon.com GoDaddy Cert and install it on the server that hosts the forum. Or worst case, setup free automatic LetsEncrypt certs on the forum webserver.
Either way, IMO, its long overdue.
It shouldn't take much effort or cost to add another SAN to the main eyezon.com GoDaddy Cert and install it on the server that hosts the forum. Or worst case, setup free automatic LetsEncrypt certs on the forum webserver.
Either way, IMO, its long overdue.
-
GrandWizard
- Posts: 2272
- Joined: Tue Nov 16, 2010 4:08 pm
Re: Forum should use HTTPS
The whole forum is being upgraded and moved. It will by HTTPS at that time.