Jhaierr Posted March 19, 2018 Report Share Posted March 19, 2018 Hello! I am curious if there are plans to migrate the site and forum completely to HTTPS instead of defaulting to HTTP. Currently, even if I manually enter https:// for the URI, it will reset back to HTTP once I click a navigation link or a thread in the forum. This is how sites are going overall (last year over 50% of sites began to use HTTPS), so that's one reason I ask. Quote Link to comment Share on other sites More sharing options...
Simon Posted March 19, 2018 Report Share Posted March 19, 2018 Anything which requires or benefits from SSL is run over SSL. Quote Link to comment Share on other sites More sharing options...
Jhaierr Posted March 19, 2018 Author Report Share Posted March 19, 2018 Right, that's great! I was curious, though, if there are plans for the entire site to be usable using HTTPS in the coming months. Quote Link to comment Share on other sites More sharing options...
Simon Posted March 19, 2018 Report Share Posted March 19, 2018 Again, anything which requires or benefits from SSL is run over SSL. Running the entire site over SSL would not benefit anyone. Quote Link to comment Share on other sites More sharing options...
Jhaierr Posted April 1, 2018 Author Report Share Posted April 1, 2018 Apologies for the long delay in response! I hear what you're saying about the site using SSL, but I noticed something else. The "quick login" dropdown form on the forum does not seem to submit to an https:// connection: <form accept-charset='utf-8' method='post' action='http://www.herogames.com/forums/login/' data-controller="core.global.core.login"> Additionally, the form for the Change Password page does not use https:// either for the page itself or on the form action: <form action="http://www.herogames.com/forums/settings/password/" ... > Is there some way, even though they don't use https:// for the action, that they are still using SSL? Is there something here that I'm missing? Quote Link to comment Share on other sites More sharing options...
Jhaierr Posted April 1, 2018 Author Report Share Posted April 1, 2018 (Also, I just noticed that the Store pages (e.g., Orders, Manage Purchases, My Details, and Client Area) are all using unsecured http://, including the stored credit card page and its form action.) Quote Link to comment Share on other sites More sharing options...
Simon Posted April 1, 2018 Report Share Posted April 1, 2018 That's as of an update that was applied on Friday. I've flipped the entire site over to SSL for the time being until the specific page settings are re-enabled. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.