Should the Member Login be https instead of http?

Author: Colin W.

Visited 1678, Followers 1, Shared 0

Tags: flaw,heartbleed,http,https,login,member,openssl

Testing "Member login" site for heartbleed flaw, which is due to a bug in OpenSSL used in many websites.

See http://www.smh.com.au/it-pro/security-it/web-security-in-doubt-after-discovery-of-heartbleed-flaw-20140409-zqsif.html

The article says each website can be tested at http://filippo.io/ and when I tested with www.oursaviourap.org.au it tested OK. I then tested on the Member Login http://www.oursaviourap.org.au/imlogin.php?loginstatus=-3 it bought up the message

"Uh-oh, something went wrong:You should check the http"s" site Check what it means at the FAQ. It might mean that the server is safe, we just can't be 100% sure!"

I suspect it is not the Heartbleed flaw, but from the message I wonder if the Member Login should be https instead of http. Do you think that may be possible, and if so can Website X5 change that? I don't know much about this, just asking questions.

Posted on the 04/11/2014 22:27:10

2 ANSWERS - 1 USEFUL

Anthony A.

User

if you are not handling credit cart information, you do not need to buy ssl certificate.

if this post is the correct answer, please mark this answer as correct answer.

------------------------------------------------------------

Good Luck
https://nuluhost.com (compatible with x5 program, 30 days money back guarantee)
http://www.wdesigners.us (new)
http://www.usx5.com (coming soon)(Sign up)

Posted on the 04/11/2014 23:10:45 from Anthony A.

Colin W.

User
Author

Thankyou for your prompt reply and useful links.

Posted on the 04/12/2014 00:46:50 from Colin W.