• Last Updated:
  • Dec 9th, 2018 11:16 pm
Tags:
[OP]
Deal Addict
Dec 13, 2010
1277 posts
438 upvotes
ON

RFD not secure?

I'm using Chrome. RFD is showing as not secure. HTTPS certificate broken or expired?
17 replies
Deal Fanatic
Mar 10, 2005
6405 posts
1167 upvotes
its an issue with your bookmark

go to https://www.redflagdeals.com
________

"Leaders who don't listen will eventually be surrounded by people who have nothing to say"
[OP]
Deal Addict
Dec 13, 2010
1277 posts
438 upvotes
ON
I figured out how this happened.
I get emailed when someone replies to me.
The link in the email to see the thread specifies http, NOT https.

@TomRFD , Devs, maybe worth fixing?

And weirdly enough some emails have http, some have https
Sr. Member
User avatar
Oct 1, 2013
584 posts
477 upvotes
is anyone else getting a "not secure" rating on their browser for this website? I'm getting this on Safari and Chrome. I have tried this on several devices and they all show up as "not secure"
Images
  • Untitled.png
Sr. Member
User avatar
Oct 1, 2013
584 posts
477 upvotes
This is so dumb. The direct link from Google to the Hot Deals forum doesn’t contain https:// and after logging in to your account on the forums page, the site kicks you out of https://. Shake my head.
Deal Addict
User avatar
Sep 10, 2005
3548 posts
765 upvotes
GTA
Looks like RFD doesn't have HTTPS enabled by default.

Youu shouldn't follow links through email anyway. That's always a security concern because of phishing attempts. Best to go to a site directly through the address bar or a bookmark
Sr. Member
User avatar
Oct 1, 2013
584 posts
477 upvotes
Dave98 wrote:
Nov 28th, 2018 9:23 am
Looks like RFD doesn't have HTTPS enabled by default.

Youu shouldn't follow links through email anyway. That's always a security concern because of phishing attempts. Best to go to a site directly through the address bar or a bookmark
This is what I ended up doing. So strange that it’s not enabled by default. It’s just a pain that I have to click on my bookmark link and then search the thread I got an email alert for.
Deal Fanatic
Aug 14, 2007
9135 posts
926 upvotes
Toronto
Not sure if it matters to the RFD community, but redflagdeals.com comes up as secure however in chrome when going to forums.redflagdeals.com it shows as Not Secure.

Just thought I would give a heads up in case that is something that needs to be looked in to.

EDIT: Apparently the search function failed on me when posting this.
Capture.JPG
Deal Guru
Mar 22, 2004
11334 posts
1755 upvotes
RFD
I've noticed RFD not being https by default on more than a few occasions, sometimes through searches, and sometimes I think it has to do with a particular browser.
Jr. Member
Jun 9, 2012
111 posts
35 upvotes
Vancouver
It should be on all the time to maintain privacy. There are some users here that use RFD to make purchases and without encrypting the traffic, other users on the same network could capture account credentials or whatever important private messages that are sent on RFD.
Sr. Member
User avatar
Oct 1, 2013
584 posts
477 upvotes
BigBrother0 wrote:
Dec 1st, 2018 3:47 pm
It should be on all the time to maintain privacy. There are some users here that use RFD to make purchases and without encrypting the traffic, other users on the same network could capture account credentials or whatever important private messages that are sent on RFD.
What do you mean by encrypting traffic? VPN?
Jr. Member
Jun 9, 2012
111 posts
35 upvotes
Vancouver
dealxtremeleecher wrote:
Dec 1st, 2018 4:05 pm
What do you mean by encrypting traffic? VPN?
HTTPS encrypts web browser traffic, typically on port 443, but can be on any port. It will only reveal to others on your local network that you connected to RFD A VPN is a way to encrypt data between two computers across the internet, typical consumers these days use VPN to redirect their traffic thru a VPN server as a way to hide their real internet connection origin (circumventing region blocks for internet services). A VPN does not encrypt your web browser traffic, so if someone from the VPN provider side decided to capture your web browsing activity for whatever reason, they might also capture login + password + sensitive messages that are sent and received on HTTP. However at least during a VPN connection, the local network will only know that you are sending traffic to the VPN, nothing else.

The only time I see HTTP to be very bad is if you are using public wifi or even work wifi as you have no control over who gets access to the local network, so some wifi user or even the wifi provider themselves can snoop around for login credentials and messages sent on HTTP. This is the only scenario where HTTP is very bad and HTTPS is necessary. A VPN could also work in such a case, but you have to trust the VPN provider isn't snooping your HTTP traffic.

Top