Announcement

Collapse
No announcement yet.

HTTPS?

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • HTTPS?

    In the wake of the hacking incident, have you considered securing the front end of the server (or at least the sign in form) with SSL? VBulletin hashes the password when you log in, but that seems susceptible to being replayed if the login were intercepted. In any case, it would be nice to prevent ISP's from tying ip addresses to specific activity. It adds a layer of headache to the setup, especially since externally embedded content could be insecure and cause warnings to be displayed -- but the benefits would seem to outweigh that.

    I realize cost is probably not the limiting factor here, but free certificates are available from StartSSL

  • #2
    I like the idea of being more secure with HTTPS but as this forum does not condone or participate in any illegal or questionable activity, I don't think this is necessary.
    Good suggestion though! :)

    Comment


    • #3
      Right, securing the sign in form, cookies, etc... would be the minimum for security.

      Beyond that I don't see securing the whole forum as anything more than a basic privacy issue. I'm more on the side of every site everywhere being secure.

      Comment


      • #4
        ssl site feels more cool in my browser ;P

        Comment


        • typhoon2
          typhoon2 commented
          Editing a comment
          Same here!

      • #5
        I agree, plus you can get an SSL cert for like $10 from some vendors.. even one at $50 is worth it i would think.

        Comment


        • #6
          Originally posted by kraash View Post
          I like the idea of being more secure with HTTPS but as this forum does not condone or participate in any illegal or questionable activity, I don't think this is necessary.
          Good suggestion though! :)
          I understand your comment, however we are talking about security from the client (your PC) to the server. The public areas of the site would still be able to be accessed via normal http - even you would be able to.

          I like the idea and will +1 it personally, I think it will provide a little more piece of mind to all.....

          :D

          Comment


          • #7
            I personally think that any time a site adds or switches to https is a good thing. Being more secure is a great thing, and after awhile a bunch of little things add up to one big thing.

            Comment


            • #8
              I also think its time to make this happen, just to be on the safe side.
              Last edited by TheDarkKnightR; February 12, 2017, 08:54 AM.
              sigpic
              A proud Torrent-Invite Introduction Crew.
              If you need help with anything, just send me a pm,

              Comment


              • #9
                My Vote is on this also, as the others are saying upgrading to HTTPS is never a bad thing and overall it feels much more worthwhile to the members of the community, i really cant see any downside to this other than the unfortunate cost to maintain it
                A big thank you to all the T-I members and moderators that support this site you make it all worthwhile!
                Also my very Special Thanks and appreciations to:

                Comment


                • #10
                  I would give it a positive vote.

                  There's nothing much really SSL can do, but like GPaX said, Piece of mind to all.



                  Regards,
                  Enon

                  Comment


                  • #11
                    Originally posted by Marshal396 View Post
                    i really cant see any downside to this other than the unfortunate cost to maintain it
                    Technically you are right. But I wouldn't be surprised if the majority of users don't know what the actual benefit of secure HTTP is. And for these users HTTPS could result in a false sense of security. So considering the particular security context of T-I, I'm not that sure if HTTPS would actually be a benefit.

                    sigpic
                    Sharing together - now and forever




                    Comment


                    • #12
                      Originally posted by cfpe View Post
                      Technically you are right. But I wouldn't be surprised if the majority of users don't know what the actual benefit of secure HTTP is. And for these users HTTPS could result in a false sense of security. So considering the particular security context of T-I, I'm not that sure if HTTPS would actually be a benefit.
                      10$ SSL won't be too much cost to maintain imo

                      Comment


                      • #13
                        Originally posted by Enon View Post
                        10$ SSL won't be too much cost to maintain imo
                        As I said in my first post, you can get 100% free certs from startssl.org

                        Comment


                        • #14
                          Haha, i stand corrected. fair play then i really cannot see this being a problem at all, and i fully encourage this idea to be considered
                          A big thank you to all the T-I members and moderators that support this site you make it all worthwhile!
                          Also my very Special Thanks and appreciations to:

                          Comment


                          • #15
                            I think this is a great idea. Anything to improve security, even if the improvement will be minimal (and only pertain to communication between browser and the server, as pointed out by others), is a good idea in my opinion. In fact, all sites should be SSL, there really isn't any drawback to have SSL. I personally use SSL even for my intranet (in home) communications between my phone apps and my NAS and my laptops and my servers.

                            Comment

                            Working...
                            X