Melodeon.net Forums

Forum and website admin => Support => Topic started by: busbox on March 12, 2017, 08:22:10 PM

Title: rogue warning?
Post by: busbox on March 12, 2017, 08:22:10 PM
The last few days, when beginning to type my log in name to the appropriate box, I have received a pop-up message telling me that the site is insecure and that the info might be compromised.
the pop-up does not i.d. itself as being from my virus checker or anywhere else, but invites me to 'Learn More'.
I assume that this message is in fact, itself phishing or seeking to make mischief.
Has this happened to others I wonder.
Title: Re: rogue warning?
Post by: vof on March 12, 2017, 09:49:07 PM
I doubt this is a rogue warning. It is probably from your web browser - Firefox/Chrome/IE etc - warning you that your connection - not the site - is insecure because you are using the standard HTTP protocol and not its secure variant HTTPS. Even if you use HTTPS to browse the forum like this: https://forum.melodeon.net/index.php?action=forum, you will probably find that there is still a warning - your padlock icon in your address bar probably may include a yellow triangle - because the site contains images which by their nature are insecure.

The browser is reminding you to use the appropriate protocol for the type of site you are visiting. For example, you should use HTTPS when visiting an online banking site.
Title: Re: rogue warning?
Post by: busbox on March 12, 2017, 11:47:22 PM
Thanks Vince
I'll give that a go.
Interestingly, my browser (Firefox) has remembered the site as forum.melodeon etc wth no https
Cheerio
Tony
Title: Re: rogue warning?
Post by: Anahata on March 13, 2017, 07:50:21 AM
It's definitely the "mixed content" warning. The site also allows plain http unencrypted connections, and you may well get that by default.
Firefox gives me an unencrypted connection by default, switching to secure if I put "https:" in the URL, while Iron (A Chrome-alike) uses https where it can, but clicking on the icon next to the URL leads to the "mixed content" warning.
Neither gives me a warning actually on the page, though I have seen that with some sites.
Title: Re: rogue warning?
Post by: Howard Jones on March 13, 2017, 05:40:11 PM

The browser is reminding you to use the appropriate protocol for the type of site you are visiting. For example, you should use HTTPS when visiting an online banking site.

Then why can't they just say so, instead of giving out a message which can be easily misinterpreted?