Join Early Retirement Today
Reply
 
Thread Tools Search this Thread Display Modes
Secure pages on posts https vs http
Old 01-04-2019, 06:31 PM   #1
Recycles dryer sheets
 
Join Date: Oct 2017
Location: Orlando
Posts: 76
Secure pages on posts https vs http

The home page is https but the subsequent child pages are just http? Any reason for this?
__________________

Retiree_Having_Fun is offline   Reply With Quote
Join the #1 Early Retirement and Financial Independence Forum Today - It's Totally Free!

Are you planning to be financially independent as early as possible so you can live life on your own terms? Discuss successful investing strategies, asset allocation models, tax strategies and other related topics in our online forum community. Our members range from young folks just starting their journey to financial independence, military retirees and even multimillionaires. No matter where you fit in you'll find that Early-Retirement.org is a great community to join. Best of all it's totally FREE!

You are currently viewing our boards as a guest so you have limited access to our community. Please take the time to register and you will gain a lot of great new features including; the ability to participate in discussions, network with our members, see fewer ads, upload photographs, create a retirement blog, send private messages and so much, much more!

Old 01-04-2019, 11:07 PM   #2
Full time employment: Posting here.
 
Join Date: Jan 2007
Location: Thousand Oaks
Posts: 923
I canít think of a good one
__________________

mh is offline   Reply With Quote
Old 01-05-2019, 02:56 AM   #3
Administrator
Alan's Avatar
 
Join Date: Jul 2005
Location: Eee ba gum
Posts: 24,155
There was an earlier thread on this issue here, with Janet giving the following explanation.

Quote:
Originally Posted by Janet H View Post
The login pages here are secure (httpS) but as noted by many, the rest of the site is not. We store no financial info or other sensitive content here and we long ago changed login pages (where password data is passed) to meet current security standards.

The primary reason for not changing the rest of the site is that we have thousands of links in posts to offsite images and content that are not https. ALL those links would break. As the www updates it will be easier to make this change but for now we would rather retain that content then break it.
__________________
Retired in Jan, 2010 at 55, moved to England in May 2016
Enough private pension and SS income to cover all needs
Alan is offline   Reply With Quote
Old 01-05-2019, 03:58 AM   #4
Give me a museum and I'll fill it. (Picasso)
Give me a forum ...
 
Join Date: Mar 2011
Posts: 5,622
Quote:
Originally Posted by Alan View Post
There was an earlier thread on this issue here, with Janet giving the following explanation.
Could these insecure pages be the source of your CC fraud charge you mentioned on another post? JUST KIDDING!!!!
__________________
Living well is the best revenge!
Retired @ 52 in 2005
marko is offline   Reply With Quote
Old 01-05-2019, 05:22 AM   #5
Administrator
Alan's Avatar
 
Join Date: Jul 2005
Location: Eee ba gum
Posts: 24,155
Quote:
Originally Posted by marko View Post
Could these insecure pages be the source of your CC fraud charge you mentioned on another post? JUST KIDDING!!!!
Remarkable timing for sure
__________________
Retired in Jan, 2010 at 55, moved to England in May 2016
Enough private pension and SS income to cover all needs
Alan is offline   Reply With Quote
Old 01-09-2019, 02:43 PM   #6
Recycles dryer sheets
 
Join Date: Jul 2016
Location: New Hampshire
Posts: 381
No, existing links won't break if you add an http to https rewrite in your server's .htaccess file. (Some web hosts have a control panel option for this redirect.)

One problem is that the cookie is transmitted insecurely and this allows for user spoofing. Another is that all the text sent and received is "in the clear" and can be intercepted. Also, Google downgrades search results for non-https pages.

Please make the whole site https. There's no good reason left to not do this.
__________________
Steve
jonat is offline   Reply With Quote
Old 01-09-2019, 03:08 PM   #7
Give me a museum and I'll fill it. (Picasso)
Give me a forum ...
Sunset's Avatar
 
Join Date: Jul 2014
Location: Spending the Kids Inheritance and living in Chicago
Posts: 7,143
http is faster than https, which is why some sites are slow to change.
__________________
Fortune favors the prepared mind. ... Louis Pasteur
Sunset is offline   Reply With Quote
Old 01-09-2019, 03:18 PM   #8
Thinks s/he gets paid by the post
 
Join Date: Nov 2011
Posts: 3,040
Some sites wisely permit both http and https so that the user can decide.
__________________

GrayHare is online now   Reply With Quote
Reply


Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
What does the https lock mean to you lemming Other topics 14 08-15-2016 07:39 AM
https site Brat Other topics 13 02-26-2016 04:10 AM
Pfau: https://www.onefpa.org/journal/Pages/OCT15-Making-Sense-Out-of-Variable-Spendin walkinwood FIRE and Money 62 10-17-2015 02:53 PM
https: (+ padlock) kaneohe Other topics 3 07-21-2011 11:28 AM
pages missing from new posts ronin Forum Admin 3 08-04-2008 10:48 AM

» Quick Links

 
All times are GMT -6. The time now is 10:26 PM.
 
Powered by vBulletin® Version 3.8.8 Beta 1
Copyright ©2000 - 2019, vBulletin Solutions, Inc.