Site security

Just what it implies.
Post Reply
dedalus5550
Posts: 1019
Joined: Wed Apr 01, 2009 9:35 pm
Location: Long Beach

Site security

Post by dedalus5550 »

I get that symbol in the URL window that suggests this site is not secure. Does that mean some certificate has lapsed? I don't necessarily freak out about "security" as a site like this. I don't drop my credit card number in here, and I don't think I used my birthdate, etc. to set up an account. But sometimes it means the people who own it or operate it have run to the hills. Or they frozen in at the top of the hills above southern california where people have been snowed in. Just curious.
Mike Todd
Memo to Mark Twain: But what if we have too many adults acting like babies?
DaveVan
Posts: 2781
Joined: Sun Jul 26, 2009 10:53 pm
Location: usa

Re: Site security

Post by DaveVan »

Maybe just certificate is out of date......happened on a model car site I visit last month.....
NX-17000
Posts: 500
Joined: Fri Nov 16, 2012 1:05 pm
Location: Halifax, Nova Scotia

Re: Site security

Post by NX-17000 »

It looks to me like it's just that SSM doesn't force your connection to be done via https. If I add that in front of the site address in the URL bar, I get the lock symbol that I see on most other sites (Banking, news, etc). I don't know much about website/forum hosting, but I assume there's probably a box unticked somewhere which would force any connections to run via https.
irishtrek
Posts: 5765
Joined: Fri Sep 16, 2005 2:04 am
Location: wouldn't you like to know

Re: Site security

Post by irishtrek »

You might check with John just to make sure.
Normal?? What is normal??
User avatar
aitala
Posts: 6
Joined: Thu Jan 07, 2010 11:25 am
Location: State College, PA
Contact:

Re: Site security

Post by aitala »

You can use the https:// and get a 'secure' connection but you won't see the lock icon as the site is allowing insecure content - in my case my profile avatar - to be loaded.

IIRC, there is a way for phpBB to force all content to be secure but I'd need to check

Eric
Eric Aitala - f1m@f1m.com - www.f1m.com
IPMS/USA Webmaster
User avatar
Bellerophon
Posts: 2621
Joined: Fri Oct 16, 2009 10:00 pm
Location: 13 miles southwest of Grovers Mill
Contact:

Re: Site security

Post by Bellerophon »

Funny, I just did as you suggested aitala, adding the s, and I do see the lock icon in the URL bar.

So what's the risk here? Just spammers getting accounts and posting malicious links, or is there something else?
But isn't it all Klingon opera?

http://bellerophon-modeler.blogspot.com/
NX-17000
Posts: 500
Joined: Fri Nov 16, 2012 1:05 pm
Location: Halifax, Nova Scotia

Re: Site security

Post by NX-17000 »

Bellerophon wrote: Fri Mar 10, 2023 11:55 am Funny, I just did as you suggested aitala, adding the s, and I do see the lock icon in the URL bar.

So what's the risk here? Just spammers getting accounts and posting malicious links, or is there something else?
IIRC, a malicious actor could intercept/read any information traveling between the SSM forum servers and your computer. EG if your forum password happens to be the same as another password (like the SSM store) they could access that account with the intercepted password.

Given that these are just forums and there's no payment involved anywhere, I think that password stealing would be the only risk here.
Post Reply