Post by Tommy on Apr 4, 2019 11:37:13 GMT -5
All, recently there has been a push by internet related companies to force all websites to use encryption security for all transmissions over the internet. Merits aside, this change requires a costly upgrade to accomplish and thus many sites that really don't need it will be slow in upgrading to it or will never upgrade. These sites are now being broadcasted (shamed?) as "not secure" by the browser companies on internet related devices.
----------
Summary:
A website that has the standard HTTP:// address does not encrypt data and is not safe to enter sensitive information such as credit card numbers, etc.
A website that has HTTPS:// does encrypt data before sending and is safer for entering sensitive information.
----------
Proboards.com provides this forum software and they have not upgraded to secure HTTPS:// and haven't previously been forced to because there is no ecommerce occurring where folks are being asked to enter sensitive information that could fall into the wrong hands. Consequently, members/visitors of this forum have been seeing the "not secure" message in our computer browsers for months, and now it is spreading into phone browsers I am told.
Proboards official position appears to be "we're working on it..." I take this to mean they are weighing the heavy costs associated with an upgrade to HTTPS (encryption) and trying to decide what to do. The following is all they will say about it and all new inquiries are directed to this statement:
Hi,
The "Not Secure" text refers to the fact that the page is http and not https. Recently there has been a push to make all pages https. Currently, ProBoards only serves pages that need to be secure over https (login and store pages) but we will be making the move to serving all pages over https in the not-too-distant future.
This isn't something you need to worry about.
And this:
Currently ... ProBoards only utilizes HTTPS on the login page of the forum at the moment as that's the only location it's applicable to.
No action is required on your part as there's nothing inherently wrong with a site not using HTTPS so long as it doesn't request any personal information of you. The warning is there as a reminder to users not to enter anything information they don't want to risk sharing to an external source if the page lacks HTTPS.
We use HTTPS on all pages that require any personal information entered to be secure such as during login and purchase checkouts.
If any of our more techie minded members feel like shedding more light on this, pros or cons, please feel free. I'm sure there are many layers of the subject that I barely skimmed over.
----------
Summary:
A website that has the standard HTTP:// address does not encrypt data and is not safe to enter sensitive information such as credit card numbers, etc.
A website that has HTTPS:// does encrypt data before sending and is safer for entering sensitive information.
----------
Proboards.com provides this forum software and they have not upgraded to secure HTTPS:// and haven't previously been forced to because there is no ecommerce occurring where folks are being asked to enter sensitive information that could fall into the wrong hands. Consequently, members/visitors of this forum have been seeing the "not secure" message in our computer browsers for months, and now it is spreading into phone browsers I am told.
Proboards official position appears to be "we're working on it..." I take this to mean they are weighing the heavy costs associated with an upgrade to HTTPS (encryption) and trying to decide what to do. The following is all they will say about it and all new inquiries are directed to this statement:
Proboards Admin said:
Hi,
The "Not Secure" text refers to the fact that the page is http and not https. Recently there has been a push to make all pages https. Currently, ProBoards only serves pages that need to be secure over https (login and store pages) but we will be making the move to serving all pages over https in the not-too-distant future.
This isn't something you need to worry about.
And this:
Proboards Admin said:
Any site that doesn't use HTTPS will show that on a page that accepts user input. Technically Chrome already does this, but it's hidden within the bubble that comes up when clicking on the (i) icon on the very left of the address bar.Currently ... ProBoards only utilizes HTTPS on the login page of the forum at the moment as that's the only location it's applicable to.
No action is required on your part as there's nothing inherently wrong with a site not using HTTPS so long as it doesn't request any personal information of you. The warning is there as a reminder to users not to enter anything information they don't want to risk sharing to an external source if the page lacks HTTPS.
We use HTTPS on all pages that require any personal information entered to be secure such as during login and purchase checkouts.
If any of our more techie minded members feel like shedding more light on this, pros or cons, please feel free. I'm sure there are many layers of the subject that I barely skimmed over.
