Status
Not open for further replies.

bogdan

New Member
Yeah, decided to remove it for 2 reasons: the crossed-out https makes people feel less secure (even though they are not...but...) some errors might occur when it is enabled because of the higher load on the server.
 

Tweak

New Member
Got the Wrong certificate name stating the server's certificate did match its hostname as well at first login so guess it may happen to everyone on their first visit here.
 

bogdan

New Member
LaserWraith said:
I understand and agree. A forum doesn't really need HTTPS that much, except while logging in.
Unfortunately mybb doesn't provide a separate login page and the login form appears on pages that include the Board URL starting with http, so browsers will display the warning. I can create a separate login page, but without a separate login procedure, if you insert the wrong password you will be redirected to one of the pages that appear with the warning. Anyway you can still access https://malwaretips.com and login there. Your password will not be sent as clear text through the network. But further data, including cookies with your session ID will be unencrypted.
 
Status
Not open for further replies.