Club Cobra


cycleguy55 11-30-2018 09:27 AM

CC Site Not Secure / Cookies
 
Google Chrome is reporting the site is "Not secure", as it's using HTTP, rather than HTTPS. I can 'force' a page to HTTPS by entering it in the URL, but any clicked links open using HTTP. Even the login page is using HTTP, meaning usernames and passwords are communicated without encryption and therefore vulnerable to sniffing and 'man in the middle' techniques.

At what point is HTTPS going to be fully implemented and HTTP removed?

Also worth noting is there are 12 cookies set when opening the 'New Posts' page. 12?? Is that many really necessary?
  • "clubcobra.com": 8
  • "www.clubcobra.com": 3
  • "noojglkidnpfjbincgijbaiedldjfbhh" (????): 1 (see image at link below)

https://www.amazon.ca/clouddrive/sha...v5PdeSHxiEG1K9

What are others seeing?
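
A defender-side check for the behaviour described in the post above, as an added example that is not part of the thread: it scans a page's HTML for same-host links that drop back to `http://` and for password forms that submit over `http://`. The host `www.example.test`, the paths and the sample markup are constructed for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit


class DowngradeAudit(HTMLParser):
    """Collect links and password forms that leave HTTPS for plain HTTP."""
    def __init__(self, page_url):
        super().__init__()
        self.page_url = page_url
        self.host = urlsplit(page_url).hostname
        self.http_links = []        # same-host links that drop to http://
        self.cleartext_logins = []  # form targets that send a password over http://
        self._form_target = None
        self._form_has_password = False

    def _resolve(self, ref):
        # Relative references inherit the scheme of the page they appear on.
        return urljoin(self.page_url, ref or "")

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "a" and a.get("href"):
            target = urlsplit(self._resolve(a["href"]))
            if target.scheme == "http" and target.hostname == self.host:
                self.http_links.append(target.geturl())
        elif tag == "form":
            self._form_target = self._resolve(a.get("action"))
            self._form_has_password = False
        elif tag == "input" and (a.get("type") or "").lower() == "password":
            self._form_has_password = self._form_target is not None

    def handle_endtag(self, tag):
        if tag == "form" and self._form_target is not None:
            if self._form_has_password and urlsplit(self._form_target).scheme == "http":
                self.cleartext_logins.append(self._form_target)
            self._form_target = None


def audit(page_url, html):
    """Return (http_links, cleartext_logins) found in html served at page_url."""
    parser = DowngradeAudit(page_url)
    parser.feed(html)
    return parser.http_links, parser.cleartext_logins

# Constructed sample markup (not the forum's real HTML); paths are hypothetical.
SAMPLE = """
<a href="http://www.example.test/forums/new-posts">New Posts</a>
<a href="/forums/faq">FAQ</a>
<form action="http://www.example.test/forums/login" method="post">
  <input type="text" name="user"><input type="password" name="pass"></form>
"""
```

Calling `audit("https://www.example.test/forums/", SAMPLE)` reports the absolute `http://` link and the login form target, while the relative FAQ link stays on HTTPS and is not flagged.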

twobjshelbys 11-30-2018 11:29 AM

This site is way behind the times with respect to modern net practices. The only real exposure is your login password is sent clear text. With no e-commerce there's little exposure unless you share your username/password at other locations [hint, change it unique here]. I use the same login over multiple forums but if someone wants to steal my username/password and post here, more power to them. Of the 5 car forums I monitor regularly (in that they have a tab in this window) only one is using HTTPS.

patrickt 11-30-2018 11:35 AM

There's nothing here worth securing with an SSL. And implementing it would just be one more thing to break, expire and set off flags with your browser, etc. I think you should be more concerned that your neighbor is spoofing ARP packets on your home network and diverting all your traffic over to his house where he is setting up a Man In The Middle attack with a self signed certificate that looks like your bank account log in.:cool:

cycleguy55 11-30-2018 01:26 PM

Quote:

Originally Posted by patrickt (Post 1454623)
There's nothing here worth securing with an SSL. And implementing it would just be one more thing to break, expire and set off flags with your browser, etc. I think you should be more concerned that your neighbor is spoofing ARP packets on your home network and diverting all your traffic over to his house where he is setting up a Man In The Middle attack with a self signed certificate that looks like your bank account log in.:cool:




Glasswire looks for and reports ARP spoofing. Regardless, my neighbours are far enough away that they see a pretty weak WiFi signal.

