Hello technical people,
I've just spotted that the customary padlock is missing from the website address bar when I am on the forum. Instead I have a message saying "Not secure". Any other website seems OK. I've tried closing the forum page and re-opening it but it's still there. Should I panic, and is anybody else getting this?
Cheers,
Chris
I see this all the time, Chris, and I believe it is being worked on by the Admin team @Tank (http://www.ngaugeforum.co.uk/SMFN/index.php?action=profile;u=2) . I'm a member of the Kawasaki Club forum and that is the same.
Not worth worrying about, it's not like you're entering your card details and address stuff on this site? When you enter your password that bit is secured.
The way things are going though, sites are generally moving to using https even when it's not strictly necessary. Browsers are starting to flag up non-https usage more than they used to. As NPN says, this site will probably move over to be totally https at some point.
Quote from: ntpntpntp on October 07, 2018, 05:54:33 PMWhen you enter your password that bit is secured
Partially correct, the password is converted into Base64 but is still transmitted unsecurely
Simply change the url to begin https manually
As the forum software uses short URL on most links it will be retained
The change is simple in the admin area
Quote from: MJKERR on October 07, 2018, 06:43:15 PM
Quote from: ntpntpntp on October 07, 2018, 05:54:33 PMWhen you enter your password that bit is secured
Partially correct, the password is converted into Base64 but is still transmitted unsecurely
Hmm you're quite correct. I hadn't checked the form action. That is naughty, other sites at least https the login. Not that it really matters for a forum I suppose.
Quote from: ntpntpntp on October 07, 2018, 07:28:55 PMThat is naughty, other sites at least https the login. Not that it really matters for a forum I suppose.
That is because it is a legal requirement, and has been for some time (October 2017)
If a website is classed as commercial, so obtaining any personal and input information requires the use of SSL (https)
That is why the majority of browsers now give this warning, as a text transmission has been detected
Equally, the webhost should have noticed this and issued notice to the website provider
Not popular but I did this to a few of my customers at the end of last year, advising them they had now received notice and the business would not be liable
On the other side of the coin, the legislation is aimed at large businesses that failed to comply
Equally for a smaller business, if there is a data breach the website provider may be liable
Thanks for the replies. I wasn't really worried - it's just that I had never seen "Not secure" actually written out before and I assumed it was new.
Cheers,
Chris
It's a work in progress I'm afraid. Lots of things to change on the forum. :-\
At least the forum supports https, some websites i've seen just throw an error when you try https!
I recommend you update your bookmarks to https, then you won't be using the unsecure website, all the links stay on https if that's where you start.
there is a warning with https on the forum because (i think) profile pics are force loaded from http but that's only a problem if you expect the profile pics to matter much!