Diablo 2 mods
 


Post new topic Reply to topic  [ 1 post ] 
Author Message
PostPosted: Sat Jun 10, 2017 2:32 pm 
 Post subject: Enable SSL encryption by default
 
Offline
Knight

Joined: Sat Oct 16, 2010 4:29 pm
Posts: 32
Gender: None specified
Hello folks,

I noticed that when

- logging in
- changing my password in control panel

The website provides no encryption. This is a huge security vulnerability. Can you please activate SSL by default on your site? It wouldn't be too difficult to do since now you can get free SSL certificates through "Let's Encrypt". You can also use their automatic scripts to auto-renew the certificate every 3 months.

Also, when enabling SSL by default, you can use SSL Redirects on your :80 connections so that they are automatically redirected to the :443 secure equivalents.

https://letsencrypt.org/

- Jonathan


Top
 Profile  
Reply with quote  
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 1 post ] 


Who is online

Users browsing this forum: No registered users and 2 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
Powered by phpBB® Forum Software © phpBB Group
Black Rock template by onyx (based on BlackSoul for phpBB2)