Vienna Symphonic Library Forum
Forum Statistics

182,255 users have contributed to 42,214 threads and 254,731 posts.

In the past 24 hours, we have 4 new thread(s), 23 new post(s) and 47 new user(s).

  1. Home
  2. Website
  3. Site security

  • Site security

    R
    R

    Hello VSL and community,

    Recently I noticed that the website does not use SSL in a forced manner. I now have to manually set https as protocol (luckely there is a valid certificate present on the server),  because i want my session containing personal information to be encrypted as bare minimum/

    Another thing i noticed is that IF i set https as protocol, i see there is mixed content warnings all over, which results in partially encrypted session, instead of full.

    Can somebody from VSL explain why SSL is not enforced with e.g. logins/registration of software etc. (and why it's mixed content)?

    Is there a special reason for this? Or is it a forgotten part of the site (adjusting the links to https e.g.) design/code?

    I'm just curious, not to bash or nag.

    Kind regards,

    Rogier van Gemert

    (Special Edition user) 
  • M
    M

    Now that you mention it, I hadn't noticed the lack of https:

    Now that I'm paying attention, the only time it's forced is during credit card checkout. Only then do I see https, with (NO PADLOCK)...

    That's a good catch rogiervangemert.