Just come back to this site but why does it keeps saying at the top that the site is not secure and showing a warning sign.
-
-
John
This is one for you I think. I have had a look as to why, but have no idea. -
It doesn’t say it at the top of my screen, but it isn’t secure, it doesn’t have a SSL (HTTPS) installed.Comment
-
Hi, I to have the same problem as John, site not secure and a warning triangle sign ?
Happen in the last hour check everything my end can't find any fault?
PeteComment
-
Don't worry about it! You're not going to be buying anything on the forum are you?
PeteComment
-
If you go to the shop, you'll see the https, showing that it is a secure site.
PeteComment
-
-
Oh good ...for a while there I thought there was something wrong with the site or my security system.
Cheers,
RichardComment
-
Comment
-
Ok that's for clearing that up and many thank for the speedy answersComment
-
It does if Google has anything to say about it. They’ve been pushing for all sites to use HTTPS, regardless of what’s on it, and I seem to remember they intend for Chrome in future to block any that don’t.
Common sense is what’s needed, really: if your browser tells you a site isn’t secure, ask yourself, “Am I going to enter any sensitive information on it?” If not, you can ignore the warning. For example, with a forum like this, anyone eavesdropping on visitors will only really get usernames and passwords to the forum. As long as you don’t use those same names and passwords for important sites (like your bank, PayPal, etc.) there’s no real danger — at worst, someone could impersonate you here on this forum.Comment
-
There is this push to have security certificates on sites. On my business site, which is just an online brochure site and means of contact I have has to buy a certificate to stop the security alert. There is no real reason to need one but people get worried if they see that. The cost was about £25 from memory but at least visitors to the site won’t be put off by it.Comment
-
potential is to take the password & user identity of any account so that means a threat actor could become a John or an Ian m. I'm sure they have some interesting abilities that we do not.
If there is the potential to modify the content that is presented to you to include malware then there is a lot more at risk than just impersonating someone, even if the risk is limited to the potential of impersonating someone, could I use that to some advantage? maybe.Comment
-
Hi John , in light of GDPR you may want to have a think about that, whilst the forum does not store "sensitive" personal data, it does store email addresses and if someone has entered date of birth, location etc. it stores personal data that can be used to identify a data subject. In the event of a data breach you'd be on a very sticky wicket arguing with the information commissioners office that a site that stores personal data that can be used to identify a subject does not need to be secure. The penalties are pretty draconian.
It's a low risk since I don't think the forum is very high on Moscow's target list and the ICO are after the banks etc. but thought you may appreciate the heads-up.Comment
Comment