Please change forum from HTTP to HTTPS 4566o
s: Alex 4wcb
-
General Public
- Posts: 7
- ed: Fri May 25, 2012 7:26 pm
Please change forum from HTTP to HTTPS 4566o
This forum requires s to over HTTP rather than HTTPS and posting things on the forum while logged in is also done over HTTP. This is very insecure, the s are being sent as plaintext over the Internet. Please switch your forums to HTTPS so they are secure. The and informational parts of your website do not necessarily need to be in HTTPS but the forums definitely do. There is zero security at all with HTTP and with a site people to with a name and , that is something that should never be done on the Internet these days, HTTPS is a must. And obviously require TLS 1.0 at a minimum, preferably TLS 1.2 or 1.3. SSL versions 1-3 are all deprecated and insecure, using TLS is a must.
Honestly I feel insecure even logging into this site and posting it but somebody has to tell you about this. I am going to have to change all my s now in case there is a man-in-the-middle attack and someone intercepted my plaintext that was sent over HTTP without any encryption.
Honestly I feel insecure even logging into this site and posting it but somebody has to tell you about this. I am going to have to change all my s now in case there is a man-in-the-middle attack and someone intercepted my plaintext that was sent over HTTP without any encryption.
Re: Please change forum from HTTP to HTTPS 5o4o6k
What is so important or secret in this open public forum that you require https? You don't even need to here, you can post as a guest…
Andrzej P. Wozniak, FDM and forum
Read FDM FAQ and the reporting rules
"How to report a bug or a problem with FDM" before posting
Read FDM FAQ and the reporting rules
"How to report a bug or a problem with FDM" before posting
-
StormJumper
- Posts: 553
- ed: Sun Dec 30, 2012 10:27 pm
Re: Please change forum from HTTP to HTTPS 5o4o6k
General Public wrote:This forum requires s to over HTTP rather than HTTPS and posting things on the forum while logged in is also done over HTTP. This is very insecure, the s are being sent as plaintext over the Internet. Please switch your forums to HTTPS so they are secure. The and informational parts of your website do not necessarily need to be in HTTPS but the forums definitely do. There is zero security at all with HTTP and with a site people to with a name and , that is something that should never be done on the Internet these days, HTTPS is a must. And obviously require TLS 1.0 at a minimum, preferably TLS 1.2 or 1.3. SSL versions 1-3 are all deprecated and insecure, using TLS is a must.
Honestly I feel insecure even logging into this site and posting it but somebody has to tell you about this. I am going to have to change all my s now in case there is a man-in-the-middle attack and someone intercepted my plaintext that was sent over HTTP without any encryption.
If that is your problem your already to late to stop it. I think you have more issue then FDM at hand that you first need to resolve before asking this.
-
Arbitrator
- Posts: 4
- ed: Sat Dec 31, 2011 6:35 am
- Location: Splendora, Texas, United States of America
Re: Please change forum from HTTP to HTTPS 5o4o6k
Email addresses and s of all current and new s including those that aren’t particularly security conscious.Usher wrote:What is so important or secret in this open public forum that you require https? You don't even need to here, you can post as a guest…
In any case, it looks like the site does use HTTPS now, though one has to manually go to the HTTPS site from the HTTP site since redirects to HTTPS aren’t configured.
Time for freemanager.telechargertorrent.org to put itself on the HTTP Strict Transport Security preload list at https://hstspreload.org/?domain=freemanager.telechargertorrent.org (which requires implementing the aforementioned redirects).
Who is online 2872f
s browsing this forum: No ed s and 6 guests