SSL Not Fully Secure
-
JonathonWyble
- Posts: 187
- Joined: Sun Apr 08, 2018 1:07 am
- Location: Buffalo, New York
SSL Not Fully Secure
So I found something odd about this site, and that is its connection, whether it's secure or not. When I view topics, the part next to the URL says "You're connection to this site is not fully secure", and says that my information is private, but attackers might be able to modify the contents of the site. This is weird because the URL has HTTPS, and that is used for establishing secure connections for websites, plus there are no "images" that attackers might change. But the SSL is secure on other places on BetaArchive, such as the homepage and the main forum board. I can't embed images as a newly registered member, so I can't show you a screenshot, but if you click the little button next to the URL, you will see what I mean.
- DarkenMoon
- Donator
- Posts: 71
- Joined: Sat Sep 27, 2014 6:32 am
- Location: Reno, Nevada
Re: SSL Not Fully Secure
If a member has an image embedded in their signature or a forum post that, for example, isn't an https (secure) link, it will show that message. I wouldn't worry about it too much.
-
A.S. aka nanocomp.invent.
- Posts: 26
- Joined: Wed Apr 12, 2017 6:42 am
- Location: New York
Re: SSL Not Fully Secure
But isn't embeding non-animated images not alowed acording to the website's image policy?DarkenMoon wrote:If a member has an image embedded in their signature or a forum post that, for example, isn't an https (secure) link, it will show that message. I wouldn't worry about it too much.
-
JonathonWyble
- Posts: 187
- Joined: Sun Apr 08, 2018 1:07 am
- Location: Buffalo, New York
Re: SSL Not Fully Secure
Maybe I could get a browser extension that can force HTTPS, then the site's SSL could be fully secure. I was just making this topic to see if this happened to other users, or if it was just me. Not that it really matters though.A.S. aka nanocomp.invent. wrote:But isn't embeding non-animated images not alowed acording to the website's image policy?DarkenMoon wrote:If a member has an image embedded in their signature or a forum post that, for example, isn't an https (secure) link, it will show that message. I wouldn't worry about it too much.
P.S. I have seen a lot of embedded images on this site from other BetaArchive members, but they have higher roles/ranks than me.
Re: SSL Not Fully Secure
Embedding pictures is not a problem as long as you use our own image uploader and not use an external source. Of course you can post images on the forum but we don't want any external linking since we want to avoid images breaking if the source changes.
Official guidelines: Contribution Guidelines
Channels: Discord :: Twitter :: YouTube
Misc: Archived UUP
- SistemaRayoXP
- Posts: 371
- Joined: Wed Sep 13, 2017 1:26 am
- Location: Tlajomulco de Zuñiga, Jalisco, Mexico.
- Contact:
Re: SSL Not Fully Secure
Urm...
From what I observed with the latest Firefox nightly, a similar message appears when an image in a post or signature is loaded over plaintext HTTP (e.g. mrp's signature in this thread ) You really don't have to worry, your login information is of course transported securely over HTTPS.JonathonWyble wrote:When I view topics, the part next to the URL says "You're connection to this site is not fully secure", and says that my information is private, but attackers might be able to modify the contents of the site.
Re: SSL Not Fully Secure
I can confirm that there is an issue, for one mrpijey's signature image is served over HTTP, signatures are probably the main cause.
This video explains how to change all HTTP links in a page to HTTPS: https://youtu.be/aN4o5BtuTAk
This video explains how to change all HTTP links in a page to HTTPS: https://youtu.be/aN4o5BtuTAk