Forums: Rockclimbing.com: Security & Scams: Https now supported, I suggest using when you log into RC from public wifi: Edit Log




Partner Jeff
Owner

Dec 3, 2013, 6:21 PM

Views: 3629

 
Https now supported, I suggest using when you log into RC from public wifi
Report this Post
Average: avg_1 avg_2 avg_3 avg_4 avg_5 (3 ratings)  

Hey all,

https is now supported sitewide--to use it, just add a 's' to any RC url: https://www.rockclimbing.com

I suggest you use it whenever logging into RC from public wifi. Cell phones or your home/trusted internet doesn't matter much.

When you do this, you will probably see mixed-content warnings saying that some of the page content is insecure. That's because the ads aren't served over https. Afraid that's not something I can fix anytime soon, although thankfully it's also not a bid deal from a security perspective unless someone is really out to hack you.

Background:
When you access websites using http (sans the 's') your traffic to/from the website is sent in plaintext. That means anyone who is on the same wifi network can see which pages you're browsing on RC (not a big deal) plus any info you send the site, such as your password (very much a big deal).

When you add the 's' to the https, it encrypts the traffic to/from the website so only your computer and the website understands what you're doing, and anyone listening in on the wifi only sees garbled text.

In other words, http = firesheep fodder, https = no firesheep worries.

I stuck this message in General to make sure it gets seen by the site regulars, after a bit I'll move it to the Announcements/Site updates forum.

If you hit any problems with it, PM me the URL, the warning message if there is one, or a screenshot of the error.

Cheers,
Jeff
"Wearing my tinfoil hat this week"


(This post was edited by Jeff on Dec 3, 2013, 8:34 PM)



Edit Log:
Post edited by Jeff (Owner) on Dec 3, 2013, 6:22 PM
Post edited by Jeff (Owner) on Dec 3, 2013, 6:25 PM
Post edited by Jeff (Owner) on Dec 3, 2013, 6:26 PM
Post edited by Jeff (Owner) on Dec 3, 2013, 6:26 PM
Post edited by Jeff (Owner) on Dec 3, 2013, 8:34 PM


Search for (options)

Log In:

Username:
Password: Remember me:

Go Register
Go Lost Password?
$49.46 (10% off)
$57.31 (10% off)
$25.16 (10% off)
$21.56 (10% off)