Site access blocked due to password being sent unencrypted.
ThatOneDude last edited by
I noticed my AV / FW hates this site due to it not using an encrypted connection when sending data. Not sure if anyone else ran into this but as things become more and more sure we're secure it could become a larger issue.
@thatonedude We don't use https for MSB because, well, we don't. There shouldn't be any sensitive information here (and if you're sending over some, well, you shouldn't).
Just make sure to not reuse your passwords, which is a good security practice in general, and I won't have to do actual work to implement Let's Encrypt here.
grapenut last edited by
I won't have to do actual work to implement Let's Encrypt here.
It takes about 30 seconds using Certbot to setup Lets Encrypt for the web server of your choice. Handles all of the config updates for you. Handles automatic renewals for you.