Results 1 to 8 of 8

Thread: Site Not Secure

  1. #1
    ELITE Kin Hell's Avatar
    Join Date
    Jun 2011
    Location
    Cornwall. UK.
    Posts
    1,342
    Downloads
    0
    Uploads
    6

    Site Not Secure

    What gives Harrison?

    Not Secure.jpg
    Getting 0ld0r is mandatory - Growing up is just an option.

  2. #2
    RetroSteve! My location

    Stephen Coates's Avatar
    Join Date
    Mar 2003
    Location
    Rotherham
    Posts
    2,187
    Downloads
    0
    Uploads
    0
    I assume its because the site uses HTTP, and some browsers highlight this by displaying 'Not Secure'.

    I notice in the screenshot that your browser omits the actual protocol from the URL. I have the privilege of seeing the whole thing: http://forum.classicamiga.com/forum/...ite-Not-Secure.

    I have wondered if we might get changed to HTTPS at some point, but its not something I'd be in a hurry to do.

  3. #3
    Retro Addict Administrator
    My location

    Burger Time Champion, Sonic Champion Harrison's Avatar
    Join Date
    Dec 2002
    Location
    UK
    Posts
    16,654
    Blog Entries
    1
    Downloads
    6
    Uploads
    14
    What browser are you using Kin?

    Google have recently locked down their systems, so using Chrome and it with complain if you are not using shttp now, sometimes even throwing up a warning page and blocking access and making you agree to continue. Firefox and some others are also locking things down a bit more now too.

    Same is also happening with Gmail and domain authentication when it receives an email. It now checks for a domain's SPF record settings. If it's not set at all it will block the email and instead show a neutral security warning, or if not set to hard settings (ie only emails sent directly from the domain) Gmail automatically rejects the email or sends it straight to spam. I really don't agree with this level of email handling and domain authentification as so many domains don't need shttp security token settings or even have an SPF record setuo for emails, and many domain owners will never have even heard of it.

    If you haven't played a classic game in years, it's never too late to start!


  4. #4
    Amiga PT user VIP
    My location

    Tiago's Avatar
    Join Date
    Aug 2007
    Location
    Estoril/Lisbon
    Posts
    2,419
    Downloads
    0
    Uploads
    0
    As far as i know, the HTTPS should be the new "standard". Google engine puts a website https in better search position then http.
    And http will be a non secure website.
    But you have to pay for https an extra. If it is a new standard why we have to pay?
    A500 - A600 - A1200

  5. #5
    RetroSteve! My location

    Stephen Coates's Avatar
    Join Date
    Mar 2003
    Location
    Rotherham
    Posts
    2,187
    Downloads
    0
    Uploads
    0
    This subject has been a massive debate on a few forums that I visit.

    I agree with the principle of encrypting everything, but it isn't always necessary. For example, my private telephone calls aren't encrypted, and I sometimes discuss matters of a personal nature in places where they can be overheard.

    On one forum, the admin is quite modern (despite it being a forum about vintage computers) and insisted that the site will be HTTPS only, with no option to fall back to HTTP. This annoyed quite a few users who wanted to access the site from browsers which had poor support for HTTPS.

    Another forum I am on is HTTP by default, but HTTPS can be used optionally. Some people really didn't give a toss, as they are using the site to make public posts, so there is no issue if it is intercepted. Others were concerned about ISP snooping, advert injection etc.

    I'm not too fussed personally, but I'd suggest using HTTPS by default if possible, and offering a fall back to HTTP. Of course if HTTPS isn't practical, I've no objection to HTTP on its own.

  6. #6
    ELITE Kin Hell's Avatar
    Join Date
    Jun 2011
    Location
    Cornwall. UK.
    Posts
    1,342
    Downloads
    0
    Uploads
    6
    Aye, using Chrome on Win 10 Pro....

    Didn't mean to open a Pandora-like box either Harrison, but I also thought "HTTPS" was the new Standard!
    Getting 0ld0r is mandatory - Growing up is just an option.

  7. #7
    Burn! Hot Blooded Rhythm Soul! Staff Moderator
    My location

    J T's Avatar
    Join Date
    Jan 2003
    Location
    'STRAYA (since 2010)
    Posts
    2,054
    Downloads
    1
    Uploads
    0
    I remember when I used to use a sandboxed browser for dodgy/questionable things.

    Now I just use someone else's device

  8. #8
    Retro Addict Administrator
    My location

    Burger Time Champion, Sonic Champion Harrison's Avatar
    Join Date
    Dec 2002
    Location
    UK
    Posts
    16,654
    Blog Entries
    1
    Downloads
    6
    Uploads
    14
    @JT. Lol.

    From a web development point of view you only need encrypted webpages and/or secure shttp if handling sensitive data such as sales, transactions or business dealings. On forum software which is social media it really hasn't ever been a standard consideration other than maybe protecting membership profile information.

    If I get time over the coming month I will look into how easy it might be to implement on here. Amibay would be another good candidate for using shttp, as it is a sales platform after all.

    If you haven't played a classic game in years, it's never too late to start!


Similar Threads

  1. UAE4All Dingoo RC 2-secure
    By Demon Cleaner in forum Amiga Emulators
    Replies: 0
    Last Post: 4th May 2010, 13:53
  2. Web Design Help secure the future of Joomla!
    By Harrison in forum General Chat
    Replies: 5
    Last Post: 13th June 2007, 15:20

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Copyright classicamiga.com