General Boards > OzIsuzu Forum Bulletin Board
We are now SSL compliant
DannyG:
--- Quote from: Bob on Jul 02, 2018, 03:25:37 PM ---I had to do that on my desktop pc and just now again on my iPad, both time I was asked if I wanted to save my password.
--- End quote ---
Ok I know why. It’s because I changed the name of the forums cookie.
It’s not actually because of the ssl certificate.
I’ll change it back tomorrow
wotmate:
HTTP is Hyper Text Transport Protocol whilst HTTPS is Hyper Text Transport Protocol Secure.
Most web pages are made out of HTML (Hyper Text Markup Language) with a few add-ons and plug ins, and simply using HTTP means someone, like your ISP, can log the content of the webpages you view, whereas with Secure, they can't.
Banks use HTTPS for internet banking.
yvesjv:
--- Quote from: DannyG on Jul 02, 2018, 12:06:46 PM ---Probably useless information but I installed a SSL certificate so our site now uses https protocol instead of http.
To be honest I do not really know what it all means other than it is something that is better :laughing7:
--- End quote ---
Cool stuff :-)
We use ssl for securing all communications between client devices ans servers for encrypting all communications that has to pass through the public internet and also within our private network for all business stuff.
Using plain http and other non-ssl enabled applications, allows anybody to capture your username/password in clear text.
Perfect example is using your mail application using pop3, imap or just plain ftp to manage your website.
Guess next step would be for all to change their passwords now that it is sent encrypted to your server(s) :-)
Note: nowadays we even have to protect people logins with a third password called two factor authentication as we had many phishing attacks where people are duped into providing their username/password. And I mean many attacks, they just get more and more sophisticated :-(
Wow... apologies, long rant :-)
sveken:
You could try cloudflare too,
It will get you Free SSL compliance and also DDOS protection and other security benefits,
I use it with lets encrypt on the web server itself
DannyG:
Thanks for all the info gents.
At least our members information is now safer. Not that any of us would share too much info that could put us at risk but a simple thing such as a password being known could put you at risk if there were hackers out there trying to capture the information i suppose.
Just on that I have left our new cookie naming to the new name so this has forced everyone to log in again. I know it is an inconvenience and for some people it may mean searching for an old password but it is something that is better on the back end of the forum...or so I am told!
Just on the SSL, I know there are free options out there but in my instance and the way our forum is set up on our server it was better and easier for me to go with a large reputable company so it has future proofed the forum in that regard.
Thanks for the interest.
Navigation
[0] Message Index
[#] Next page
[*] Previous page
Go to full version