subpixel Posted August 13, 2019 Share Posted August 13, 2019 I have to criticize a couple of things: Plaintext passwords: Passwords should never be transmitted in plaintext! Especially not when your domain clearly has a TLS certificate. Yet it's happening even when you're on the HTTPS page. HTTP dy default: Almost all links on this site appear to be HTTP, leaking your cookies, making session hijacking child's play. Using captchas during registration and then still requiring manual moderator approval: Super annoying. Quote Link to comment Share on other sites More sharing options...
Tamina Posted September 3, 2019 Share Posted September 3, 2019 Agree with these notes Quote Link to comment Share on other sites More sharing options...
Rudi Posted September 12, 2019 Share Posted September 12, 2019 I noticed there''s a lot of spam posts on this forum as well. My first post had to be approved, I don't know how other spammers get away with putting links in their comment. Also, yes, a SSL certificate is the least to be expected. Quote Link to comment Share on other sites More sharing options...
rich Posted September 26, 2019 Share Posted September 26, 2019 This site has had an SSL cert since day 1. No idea why it wasn't active since the latest upgrade, but I've re-enabled it, so it's SSL by default again. All 'spammers' are verified exactly the same way as everyone else. They just didn't spam in their first post. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.