SkyDemon Forums

SSL for Website and Forums

http://forums.skydemon.aero/Topic27483.aspx

By jokoenig - 12/7/2018 3:36:50 PM

Dear Tim & Team,

I've noticed that the websites and forums settings are not completey state of the art when it comes to encryption. There are potential points of improvement I've found:

- The website has an SSL certificate, which is good. However, visitors are not forwarded automatically to the encrypted version
- The forums do not have encryption at all

Especially since you're dealing with personal data and logins, this is a potential security risk. However, implementing a baseline of security is not much effort at all. All you need is a certificate for the forums page and an automatic redirection for both pages. Free SSL certificates can be obtained from Let's Encrypt for example.

If you want to make a game out of it: Try to improve your grade for both sites on https://observatory.mozilla.org . Once you've started, it's actually quite funny to see the score rising :-)

Best Regards
jk
By Tim Dawson - 12/14/2018 5:12:45 PM

It's very kind of you to be so concerned with the way our website works. We will bear your feedback in mind.