Jump to content
Why become a member? ×
Please read the FAQ first!
  • 0

SIte security- https

pete.young

Asked by pete.young,

 Share

Question

pete.young Veteran

pete.young

Posted
Posted

The site appears to be http only, with no consideration given to https. I get the padlock icon with a red line through it on Firefox telling me that passwords could be compromised, and similar warnings from Chrome and Vivaldi. I don't recall seeing this on the old site.

Bearing in mind that you are asking for not only passwords, but credit card details and paypal details in the shop section, https needs to be implemented immediately. I'd also recommend that you implement hsts and turn off http altogether, this is 2017 and there's really no reason to do it any other way.

17 answers to this question

Recommended Posts

  • 0
ped Grand Master

ped

Posted
Posted
1 hour ago, pete.young said:

The site appears to be http only, with no consideration given to https. I get the padlock icon with a red line through it on Firefox telling me that passwords could be compromised, and similar warnings from Chrome and Vivaldi. I don't recall seeing this on the old site.

Bearing in mind that you are asking for not only passwords, but credit card details and paypal details in the shop section, https needs to be implemented immediately. I'd also recommend that you implement hsts and turn off http altogether, this is 2017 and there's really no reason to do it any other way.

Yes sir!

  • 0
charic Veteran

charic

Posted
Posted

SSL certificate is high priority but we couldn't organise it until the site was already live with the correct server and domain.

It's on the list!

@ped - if it's not on the list can you put it on the list? ?

  • Thanks 2
  • 0
nilebodgers Experienced

nilebodgers

Posted
Posted
1 minute ago, charic said:

Note quite there, but it's almost done :)

Quick work! Just a few scripts trying to pull content via non-https sources to fix & job's a good 'un.

  • 0
charic Veteran

charic

Posted
Posted
6 minutes ago, nilebodgers said:

Quick work! Just a few scripts trying to pull content via non-https sources to fix & job's a good 'un.

Got an example I can check? :)

  • 0
MisterT Contributor

MisterT

Posted
Posted

The mediaplex http thing is back on the Elixir strings gif...

  

http://img-cdn.mediaplex.com/0/25163/182158/UK_BassStomp_468x60_new.gif?mpqs=&mpssl=1&mpvc=

 

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Answer this question...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to question listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...