Not secure

Discussion in 'Bulletin Board' started by Hooky feller, Apr 16, 2019.

  1. Hooky feller

    Hooky feller Well-Known Member

    Joined:
    Jul 11, 2016
    Messages:
    16,922
    Likes Received:
    19,201
    Trophy Points:
    113
    Occupation:
    Retired, full time grandad.
    Location:
    Mapp.
    Style:
    Barnsley (full width)
    I’ve recently been getting. Not secure showing before the Barnsleyfc.org should I be concerned. Proper technophobe me.
     
  2. Durkar Red

    Durkar Red Well-Known Member

    Joined:
    Jul 19, 2005
    Messages:
    11,849
    Likes Received:
    7,837
    Trophy Points:
    113
    Occupation:
    Exorcist
    Location:
    err..durkar
    Home Page:
    Style:
    Barnsley (full width)
    I think that relates to the members not the website
     
    Plankton Pete and wombwell-red like this.
  3. Tob

    Tobys Knackers Well-Known Member

    Joined:
    Aug 8, 2011
    Messages:
    876
    Likes Received:
    1,312
    Trophy Points:
    93
    Style:
    Barnsley Dark
    I can fix that for you ... I just need the long number from your credit card and the three digits from the back ... :)
     
  4. Hooky feller

    Hooky feller Well-Known Member

    Joined:
    Jul 11, 2016
    Messages:
    16,922
    Likes Received:
    19,201
    Trophy Points:
    113
    Occupation:
    Retired, full time grandad.
    Location:
    Mapp.
    Style:
    Barnsley (full width)
    Ok I’ll pm you with the details. Don’t want any dodgy buggers on here knowing.
     
    Tobys Knackers and BostonRed like this.
  5. BarnsleyReds

    BarnsleyReds Well-Known Member

    Joined:
    Apr 28, 2013
    Messages:
    11,767
    Likes Received:
    13,860
    Trophy Points:
    113
    Style:
    XenForo - Xenith Reds
    It's just because the website isn't encrypted. It doesn't really matter, but it probably should be in this day and age. It's free through LetsEncrypt @Gally
     
  6. John Peachy

    John Peachy Well-Known Member

    Joined:
    Aug 21, 2011
    Messages:
    17,265
    Likes Received:
    16,839
    Trophy Points:
    113
    Occupation:
    The littlest hobo
    Location:
    Leeds, United Kingdom
    Home Page:
    Style:
    Barnsley (full width)
    If you don't have a https url you get this flag. You need a digital certificate for that. Nothing really confidential on here, other than people's passwords.
    Better to use a unique one for this site, in case someone hacks it.
     
  7. BarnsleyReds

    BarnsleyReds Well-Known Member

    Joined:
    Apr 28, 2013
    Messages:
    11,767
    Likes Received:
    13,860
    Trophy Points:
    113
    Style:
    XenForo - Xenith Reds
    I know how it works, https = encryption. I install certificates all the time, LetsEncrypt is free and very good. Very easy to install. as for "Nothing really confidential on here" - https://doesmysiteneedhttps.com/

    Every website in 2019 should have SSL really. There's no reason not to. By a 'unique one' I assume you mean a paid-for domain-specific certificate. I suggest you read this - https://wplift.com/free-ssl-certificate-lets-encrypt-safe - Let's Encrypt offer unique domain-specific certificates, which are signed by the Let's Encrypt Root CA, which allows them to be accepted by most major browsers as 'trusted'. There's no risk of 'hacking' though, or any issue with using a free cert, other than you don't get the privilege of paying a company to generate a certificate for you... You generate it yourself via Let's Encrypt.
     
    John Peachy likes this.
  8. John Peachy

    John Peachy Well-Known Member

    Joined:
    Aug 21, 2011
    Messages:
    17,265
    Likes Received:
    16,839
    Trophy Points:
    113
    Occupation:
    The littlest hobo
    Location:
    Leeds, United Kingdom
    Home Page:
    Style:
    Barnsley (full width)
    Good advice.
     
  9. John Peachy

    John Peachy Well-Known Member

    Joined:
    Aug 21, 2011
    Messages:
    17,265
    Likes Received:
    16,839
    Trophy Points:
    113
    Occupation:
    The littlest hobo
    Location:
    Leeds, United Kingdom
    Home Page:
    Style:
    Barnsley (full width)
    No I meant your log in password as a user. If you use it for your Facebook account you might have problems if the site is hacked.
     
  10. BarnsleyReds

    BarnsleyReds Well-Known Member

    Joined:
    Apr 28, 2013
    Messages:
    11,767
    Likes Received:
    13,860
    Trophy Points:
    113
    Style:
    XenForo - Xenith Reds
    Oh I see, my mistake. I guess this is what happens when you're too far inside the internet security black hole...

    Yes, I would definately recommend a unique password for this site (I would recommend a unique password for all sites, to be fair, store them with something like lastpass, add your phone as a two-factor on there, sorted. You can even set it up to automatically change passwords for you on some sites every x number of days, but that's probably a step too far...)
     
    John Peachy likes this.
  11. Hooky feller

    Hooky feller Well-Known Member

    Joined:
    Jul 11, 2016
    Messages:
    16,922
    Likes Received:
    19,201
    Trophy Points:
    113
    Occupation:
    Retired, full time grandad.
    Location:
    Mapp.
    Style:
    Barnsley (full width)
    I’m alright then. o_O:confused:
     
  12. wat

    watfordRedv2.0 New Member

    Joined:
    Aug 8, 2011
    Messages:
    16
    Likes Received:
    7
    Trophy Points:
    3
    Style:
    Barnsley (full width)
    its actually already over https with a valid certificate, by the looks of it. just needs a redirect from http->https sorting out
     
  13. BarnsleyReds

    BarnsleyReds Well-Known Member

    Joined:
    Apr 28, 2013
    Messages:
    11,767
    Likes Received:
    13,860
    Trophy Points:
    113
    Style:
    XenForo - Xenith Reds
    Good point. it's a cloudflare wildcard certificate, I suspect it's cloudflare Flexible SSL, which encrypts to cloudflare servers but goes unencrypted from cloudflare to the hosting server. not something I would use personally, but probably good enough for this site. needs that redirect in though, or it's pointless.
     

Share This Page