Ranter
Join devRant
Do all the things like
++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatar
Sign Up
Pipeless API
From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple API
Learn More
Comments
-
RTRMS36907yThey have styled a plain text input field to look like a password field to remove the security warning that modern browsers place on PW fields when the site has no SSL cert, aka https.
-
kosio-t23917y@RTRMS WTF? It’s not that hard or expensive to make and secure website.
My budget is 0$ but I registered free CF domain, secured it with let’s encrypt and made mail with my own domain on Zoho.
Why are some people that stupid? -
RTRMS36907y@just-basic-user fuuuck knows. I use cloudflare which is also free, but alos on my VPS I roll my own.
-
RTRMS36907y@kalippu google updated thier results algo a few months back to promote security, so everything else being equal, the HTTPS site will rank higher than its HTTP competitors.
-
@Jifuna could you elaborate? Are we talking the “flexible” option in Cloudflare or something worse?
-
Jifuna37267y@JonStodle As far as I know only the connection from the user to the client is secured not from clouflare to you server. So it is still send unencrypted over the internet.
-
RTRMS36907y@Jifuna ye, but that portion is unencrypted between CF an dyour server, not something the real world has access to without knowing your actual servers IP address, something not exposed by CF, so while it is technically less secure, its not unsecure.
You also can have an SSL cert on your server which encrypts the connection between CF and your actual server, its just a dif CF config. -
Jifuna37267yTrue, you're right. Didn't know you could encrypt the connection between cf and the server
-
@Jifuna yes. CF allows for both self-signed and from recognized CA. The best part is of course the caching and superior DNS interface (which I prefer over any other I’ve used)
Related Rants
Security for 2017: Because SSL has nothing to do with security, and just Google's way of increasing it's monopoly...
rant
google
encrption
security
ssl
password