Pelican Parts Forums

Pelican Parts Forums (http://forums.pelicanparts.com/)
-   Off Topic Discussions (http://forums.pelicanparts.com/off-topic-discussions/)
-   -   Forum 'Not secure' (http://forums.pelicanparts.com/off-topic-discussions/1005127-forum-not-secure.html)

sp_cs 08-16-2018 10:12 AM
Forum 'Not secure'
 
Getting the msg below in my browser window - anyone else?

This is in Chrome

http://forums.pelicanparts.com/uploa...1534439531.jpg

widebody911 08-16-2018 10:21 AM
Yes

Chrome is starting to be more "alarmist" about sites using http vs https https://www.theverge.com/2018/2/8/16991254/chrome-not-secure-marked-http-encryption-ssl

In this day and age, there's not reason sites should not be using https. This forum doesn't have much in the way of sensitive information, other than your login, so it's not a big deal, but still. Since they've never fixed the spammy "trackback" BS I imagine that security is not high on their "to do" list.

sp_cs 08-16-2018 10:26 AM
Thank you - i had no idea it was still http, especially as you say, login credentials could be exposed.

Admin at Pelican Parts 08-16-2018 10:56 AM
Https is active, but we haven't circled back and redirected anything on the server yet.

I'll kick this up in priority.. the irony is we have to jump through so many security hoops that forum maintenance items need to be scheduled a week out. :D

-Chris

sp_cs 08-16-2018 11:02 AM
Thanks Chris

GH85Carrera 08-16-2018 11:12 AM
Yea, I noticed that myself yesterday. If I close Firefox and come back it is ok for a while and goes back to unsecure.

John Rogers 08-16-2018 11:44 AM
You have to remember that HTTPS is not good for much as it covers the "wire" from the exit of the server to your home connection or router. It can easily be broken and places such as NSA can listen to your forum chat entries so even if we have users who are afraid to type the word GUN as they might get arrested or other bad things the website's application server can be hacked into or the data base server hacked into especially if using a free database such as MySQL or even worse your home router if you don't change your encryption key often or never! HTTPS will slow things down somewhat as there are more 1's and 0's the CPU has to process to get the latest query about if a user should get an appointment with a brain doctor due to dizzy spells?


Soooo the best thing is to use a "trash password" that is used no where else and keep an eye on your email inbox for phishing emails and change your home router key frequently!

Admin at Pelican Parts 08-16-2018 12:11 PM
Also--just in case it crosses anyone's mind--there is no link between our ecommerce site and this forum. The servers are literally located miles apart and operate on completely independent platforms (which is part of the reason why we're dragging our feet on the https rollout).

tabs 08-16-2018 12:22 PM
Quote:
Originally Posted by John Rogers (Post 10145354)
You have to remember that HTTPS is not good for much as it covers the "wire" from the exit of the server to your home connection or router. It can easily be broken and places such as NSA can listen to your forum chat entries so even if we have users who are afraid to type the word GUN as they might get arrested or other bad things the website's application server can be hacked into or the data base server hacked into especially if using a free database such as MySQL or even worse your home router if you don't change your encryption key often or never! HTTPS will slow things down somewhat as there are more 1's and 0's the CPU has to process to get the latest query about if a user should get an appointment with a brain doctor due to dizzy spells?


Soooo the best thing is to use a "trash password" that is used no where else and keep an eye on your email inbox for phishing emails and change your home router key frequently!
How did you know I was getting dizzy spells??????


All times are GMT -8. The time now is 05:02 AM.

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2025, vBulletin Solutions, Inc.
Search Engine Optimization by vBSEO 3.6.0
Copyright 2025 Pelican Parts, LLC - Posts may be archived for display on the Pelican Parts Website


DTO Garage Plus vBulletin Plugins by Drive Thru Online, Inc.