Gary_M Posted July 17, 2020 Share Posted July 17, 2020 When signing into the forum now my browser tells me that the connection for entering my password is insecure and could be compromised, eavesdroppers or attackers could steal it. Tired putting an https:// in front and it didn't work. Can one of the administrators make this a secure connection? Most websites I visit now are secure, especially ones that require logins including other forums I visit. Quote Link to comment Share on other sites More sharing options...
linda s Posted July 17, 2020 Share Posted July 17, 2020 Yes we do use an older format that some new browsers identify as not secure. My page shows not secure right on the address line. It doesn't mean hackers are on this site and I'm not worried about it at all. Apparently Greg who is a serious computer guy, but who has been paying for this site for years by himself, doesn't think it is an issue. He scans the site frequently and break-in attempts, which there have been several in the time I have been a moderator on this site are stopped in their tracks immediately. You are in a double blind system. I don't even know your email. All messages are routed through the site so it would be impossible for a hacker to get directly to you. Upgrading to a newer format costs money. He already gives enough as far as I'm concerned. Mind you he doesn't even own a Toyota motorhome anymore. Linda S Quote Link to comment Share on other sites More sharing options...
Gary_M Posted July 17, 2020 Author Share Posted July 17, 2020 Understand but it's not the hackers that are on your site... it's when you login thru HTTP at your device your sending your username and password in clear text across many server and network hops to get to the forum. A hacker on any part of that hop can see this information. The forum software plays no part in HTTPS secure authentication, so it needs no newer format . The DNS backbone server is where you need to implement the SSL certificate to enable HTTPS. I see that directnic is the DNS that hosts this forum and yes they are a ripoff when it comes to help keeping you secure, looks like they have a yearly fee of $42.00 for SSL. Sad because my sites are with Dreamhost and the "Let's Encrypt" SSL certificates are free with a click of a checkbox. DNS providers like GoDaddy and many other off this basic service for free. Ironic as it seems this site does a good job using 2 factor authentication and Captcha for registration and posting thus denying hackers access but doesn't provide the "very basic" function of keeping our own members personal data like username and password secure from these hackers. Why doesn't Greg implement a simple donation button? Pretty easy with apps like PayPal. I'd easily give $20 a year to keep things rolling. I'm sure others would donate too. Cheers! Quote Link to comment Share on other sites More sharing options...
linda s Posted July 18, 2020 Share Posted July 18, 2020 Ask him. Go the staff and you can message him. Linda S Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.