MozillaZine login page NOT https?

Talk about stuff specific to the site -- bugs, suggestions, and of course praise welcome.
Locked
machi1x
Posts: 16
Joined: March 9th, 2013, 2:39 pm

MozillaZine login page NOT https?

Post by machi1x »

Maybe this is just me but I went to the login page using the URL I have bookmarked - http://forums.mozillazine.org/ucp.php?mode=login - and immediately saw it was not secure. Checked and saw the link I had stored is http:// but the page was the one I would use to log in - asking for username and password. I tried changing the URL to https and got a 404 message. Am I using an old link?
Thanks.
User avatar
DanRaisch
Moderator
Posts: 127188
Joined: September 23rd, 2004, 8:57 pm
Location: Somewhere on the right coast

Re: MozillaZine login page NOT https?

Post by DanRaisch »

No, you're not. The forum doesn't use HTTPS, only HTTP.
User avatar
makaiguy
Posts: 16878
Joined: November 18th, 2002, 6:44 pm
Location: Somewhere in SE USA
Contact:

Re: MozillaZine login page NOT https?

Post by makaiguy »

Starting with Ver 52, FFox pops up a warning when attempting to log into sites not accessed via a secure connection (i.e. those using non-secured http protocol instead of secured https protocol). The warning correctly points out that your login name and password are being transmitted in the clear where they can be captured by any server along the way.

This does not mean that the site you are trying to log in to has suddenly become insecure. This situation has always been there, but the folks at Mozilla just decided they'd warn you about it. Reportedly Chrome is now doing the same thing.

To avoid the warning:
  1. If the site supports a secure https connection, use that instead of http. Your transmission will be encrypted and only readable by your destination site.
  2. If you just don't want FFox to warn you of these insecure connections, do this:
    • Enter about:config in the Address/URL bar.
    • Press the button to agree to be careful (if you haven't done this previously).
    • Enter insecure in the Filter bar to limit display to just options containing 'insecure'.
    • Double-click on each of the following two options to toggle them between true and false. Set them to false:
      security.insecure_field_warning.contextual.enabled
      security.insecure_password.ui.enabled
    • Enter autofill in the Search bar.
    • Double-click on signon.autofillForms.http and toggle it to true.
    NOTE: if any of the above options are not found, you can create them manually. Right-click (control-click on Apple) an empty space in the option list. Click New | Boolean. Enter the option name and appropriate true/false value.
Doug Wilson
Win10 64bit: FF 115.0.02 64bit, TB 102.12.0 32-bit ║ Android 13/10: FF 115.2.0/115.0.1 ║ No TB for Android available, dammit!
What a fool believes he sees, no wise man has the power to reason away - Doobie Brothers
Locked