Poll

Force HTTPS on forums.comodo.com for enhanced security?

Yes
9 (100%)
No (specify why in the comments below)
0 (0%)

Total Members Voted: 9

Voting closed: October 11, 2014, 05:04:23 AM

Author Topic: Force HTTPS on forums.comodo.com [merged]  (Read 1970 times)

Offline cocalaur

  • Comodo's Hero
  • *****
  • Posts: 333
  • Happy COMODO user
Force HTTPS on forums.comodo.com [merged]
« on: September 25, 2014, 06:10:27 PM »
Hi. I have noticed that forums.comodo.com can be accessed either
in http ot https, depending how the user manually spells the address.
But I think it would be more secure if SSL/TLS is implemented by default on this
forum, especially when it's already there. Opinions? :)
« Last Edit: September 27, 2014, 07:03:39 PM by EricJH »
=================================
Son: "Dad, what is malware?"
Dad: "I don't know, son, we use COMODO."
=================================

Offline captainsticks

  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 11198
    • Comodo Help
Re: Force HTTPS on forums.comodo.com
« Reply #1 on: September 25, 2014, 07:12:25 PM »
Hi cocalaur,
I agree it should be default, I force secure connections using Dragon. :-TU

Kind regards.

Offline Chiron

  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 11951
Re: Force HTTPS on forums.comodo.com
« Reply #2 on: September 25, 2014, 09:11:29 PM »
I agree. SSL should be enabled by default for the forums. :-TU

Offline JoWa

  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 5763
  • I believe in doubt.
    • Evolutionary history of life
Re: Force HTTPS on forums.comodo.com
« Reply #3 on: September 26, 2014, 02:58:47 AM »
Yes, HSTS should be enabled (and CVE-2014-0224 fixed). TLS everywhere! :D
Ubuntu 19.04 | Chrome 74β | HTTPS Everywhere | Privacy Badger
Forum Policy | Comodo Product Help

Online EricJH

  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 25104
Re: Force HTTPS on forums.comodo.com
« Reply #4 on: September 26, 2014, 07:37:38 PM »
It should be easy enough to redirect user from http to https.

Offline cocalaur

  • Comodo's Hero
  • *****
  • Posts: 333
  • Happy COMODO user
Force HTTPS on forums.comodo.com
« Reply #5 on: September 27, 2014, 05:02:26 AM »
Sometimes, forums.comodo.com does not load with HTTPS at all,
but since the protocol is already there and can be input manually
in the address bar, why not make it default?
« Last Edit: September 27, 2014, 05:10:06 AM by cocalaur »
=================================
Son: "Dad, what is malware?"
Dad: "I don't know, son, we use COMODO."
=================================

Online EricJH

  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 25104
Re: Force HTTPS on forums.comodo.com
« Reply #6 on: September 27, 2014, 07:03:17 PM »
I merged two topics.

For those who have not already voted please don't forget to.

Offline JoWa

  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 5763
  • I believe in doubt.
    • Evolutionary history of life
Re: Force HTTPS on forums.comodo.com [merged]
« Reply #7 on: October 22, 2014, 01:52:52 PM »
HSTS is now enabled for forums.comodo.com, help.comodo.com, www.comodo.com, blogs.comodo.com, support.comodo.com, ssl.comodo.com etc. :) :-TU

Now just add a preload token and submit comodo.com here. ;)

TLS_FALLBACK_SCSV is also enabled, to prevent downgrade attacks. :-TU
Ubuntu 19.04 | Chrome 74β | HTTPS Everywhere | Privacy Badger
Forum Policy | Comodo Product Help

 

Free Endpoint Protection
Seo4Smf 2.0 © SmfMod.Com Smf Destek