Insecure password warning in Firefox
When I attempt to put in my password for UKA in Firefox I receive the following message: "This connection is not secure. Logins entered here could be compromised." Advice, please?
I get this all the time, too. I've been ignoring it, but the question about the security of the site remains. Doesn't it?
Seven months ago when the site was still WABD Richard answered similar questions as follows:
"You may have noticed that when you login / register on this site you get a little popup message that says something like 'this site is not secure'. This is because we've not purchased a security certificate yet. Security certificates are issued by website hosting providers and are a relatively new way for websites to show visitors they are trusted."
If I remember well he also said that the security of the site was not impaired but perhaps we ought to ask the question again.
I bought a security certificate from our hosting provider about 6 months ago and we are secure.
Look at this article which explains it all.
I can't get our security certificate to work becuase of the way I've setup the domain name sub-directories. I have to change something so that the URLs for this site are set to https:// rather than http:// (note the 's' for secure).
Google is pushing back against webpages with URLs that begin with “http” – no “s” – because they don’t encrypt communication between the user and the website. Communication may not be secure and the user’s interactions with the website can be hacked.
I will look into it again to see if I can suss how to do it but rest assured the site is secure.
The security certificate for UKA is attached to our hosting account which was setup using a primary domain called idazle.com. That domain name is our hosting server and all the domains we run come under it. So UKAuthors.com, ukapress.com, droubbles.com and a couple of my own little hobby website. they are subdomains of the primary one (idazle.com). The primary one holds the certificate and all the subdomains are covered by it so all the domains we run (inc UKA) are secure. Problem is, only the primary domain shows the security certificate when you visit.
If you visit the primary domain https://idazle.com you will note that in the URL (address bar) it says 'secure'. It should be saying that for UKA too but that is the problem I am trying to solve.
But It does show that UKA IS secure even though the messages you get say otherwise. Also, note on that Forbes article that the only time you should be worried (by using an 'unsecured' site is if you are entering sensitive info like credit card or other payment details. Something you will never need to worry about on UKA because the only bit of 'sensitive' info we ask for is an email address!
I'll try to suss how to get the certificate working properly on UKA
I might have sussed it!
In my browser now (Wednesday night at almost midnight) I now have the URL secured. You will all probably have been logged out and will need to log in again but once logged in you should see the site is now secured and you shouldn't get the warnings.
Or, I might have buggered up the site so you can't login. One or the other!
Let me know
Fine for me, too! Thank you Andrea and Maestro Richard for the prompt attention and resolution. 🙂