Not secure

This Forum is the main messageboard to discuss all things Claret and Blue and beyond
Post Reply
dermotdermot
Posts: 3479
Joined: Thu Jan 21, 2016 8:50 pm
Been Liked: 660 times
Has Liked: 205 times

Not secure

Post by dermotdermot » Sat Apr 13, 2019 6:57 pm

Not us but the website. It says so at the top of my phone screen.

Whitgord
Posts: 980
Joined: Thu Jan 21, 2016 10:47 am
Been Liked: 250 times
Has Liked: 678 times
Location: Clitheroe

Re: Not secure

Post by Whitgord » Sat Apr 13, 2019 8:24 pm

Mine also

BigChaCha
Posts: 883
Joined: Sun Jul 17, 2016 12:45 pm
Been Liked: 253 times

Re: Not secure

Post by BigChaCha » Sun Apr 14, 2019 2:28 pm

The reason is that this site does not have an SSL Certificate. Well it kind of does looking at the data but it has been revoked or there is some kind of redirection issue. If you type any version of the URL it should always redirect to the https version of the URL if setup correctly. Either way the site is not secure.

This is because Google changed Chrome on mobile versions, back in October to not show non https (so http) sites on Chrome and instead display them as non secure.

Even bog standard websites need to be updated from http to https and have an up to date SSL Certificate for anti-hacking/ddos/malware potential issues but as a membership site that stores members data it's an absolutely disgrace that this site has not been updated.

Basically your data on this domain is at risk! I pointed this out months ago and it's 10 minutes of a job for the site web devs and at very little cost. In fact it's free on most shared hosting these days. There is more of a cost to sites on dedicated servers but still very little.

FactualFrank
Posts: 25445
Joined: Sat Mar 26, 2016 12:46 am
Been Liked: 6930 times
Has Liked: 11660 times
Location: Leeds

Re: Not secure

Post by FactualFrank » Sun Apr 14, 2019 2:38 pm

BigChaCha wrote:The reason is that this site does not have an SSL Certificate. Well it kind of does looking at the data but it has been revoked or there is some kind of redirection issue. If you type any version of the URL it should always redirect to the https version of the URL if setup correctly. Either way the site is not secure.

This is because Google changed Chrome on mobile versions, back in October to not show non https (so http) sites on Chrome and instead display them as non secure.

Even bog standard websites need to be updated from http to https and have an up to date SSL Certificate for anti-hacking/ddos/malware potential issues but as a membership site that stores members data it's an absolutely disgrace that this site has not been updated.

Basically your data on this domain is at risk! I pointed this out months ago and it's 10 minutes of a job for the site web devs and at very little cost. In fact it's free on most shared hosting these days. There is more of a cost to sites on dedicated servers but still very little.
I have to correct you - it's nothing to do with Google and Chrome. Load the site up in a browser such as Firefox and depending on your alert settings and installed software, the same will apply.

The site is http - not https. It needs changing over from http to https. It's done via the host and can be done in a few minutes.

The risk doesn't come down to the stored details directly, it's more a risk if people use the same password on here than they do on other sites. For instance, if you use the same password here that you use to access your email address (think gmail for instance), then hackers will try to access it - get into your email that opens up so many other risks.

Whoever deals with the host - contact them and get it changed over to https. It's as simple as that.
This user liked this post: Bosscat

Post Reply