Site security

I find it incredible that nobody from the staff has says anything yet, ideal recipe for loosing forum's members trust. There must be an explanation / solution to this issue....
 
If you click information for website it will say connection is not secure. Or if you have a padlock, it will have a slash through it meaning same thing
 
We've always had https in place, those who only offer PayPal as a means of payment probably don't
 
Seems I accidently replied to a copy of this thread instead of the real thing. Here is what I said.

I don't have access to the hosting so I can't be certain but, in my view, the security of the site is appropriate for what it is. There should be no details on here about people's financials. No card numbers, no account details. No-one would think of using a banking password for logon to another site. I know Boab is currently looking for alternative hosting and that there is a newer release of XenForo to be implemented so no doubt SSL will be along soon. I wouldn't worry about your PayPal address being here just so long as you don't post the password too.
 
On another note, SSL doesn't obviate the need for caution and common sense. Web sites can still be hacked and SSL certificates can still be hooky cf. Symantec's certificates being 'untrusted' by Chrome and various other browsers the other month.
 
found a lot of info here http://cmsdaily.com/how-to-migrate-xenforo-forum-from-http-to-https/

"Why HTTPS?
In short, there are some advantages of migrating your Xenforo forum to HTTPS:
More secure, Member feels safe, Avoid getting “Not Secure” on Google Chrome 56 and above, Avoid getting “!” mark (not secure symbol) in another browser, HTTPS is one of search ranking signals which could help your SEO"

Getting a certificate is easy but the actual migration is looking rather complicated
 
Last edited:
Back
Top Bottom