User Help for Mozilla Firefox
7 posts • Page 1 of 1
When I go to my home page, a WordPress blog, no warnings. However, when I to to the admin page and try to log in, I get the little pop-up of the lock with a red slash telling me that it's not secure. I have had, of course, to proceed anyway to update things, but what should I do to make this secure? I realize I have imperfect control of WordPress and its interface, but I should do something. My site is http://www.haberarts.com/, and I assume I shouldn't tell you the admin URL.
I tried, fwiw, to open the same page but with https, not that I could have told you that such an address exists. There I got a whole Firefox page telling me I could not continue because the site is insecure. Incidentally, I also get the smaller pop-up warning when I log into mozillaZine! I should say that my passwords have a mix of lc letters, up letters, numbers, and punctuation, so I'm satisfied on that account. Thank you.
Starting with Ver 52, FFox pops up a warning when attempting to log into sites not accessed via a secure connection (i.e. those using non-secured http protocol instead of secured https protocol). The warning correctly points out that your login name and password are being transmitted in the clear where they can be captured by any server along the way.
This does not mean that the site you are trying to log in to has suddenly become insecure. This situation has always been there, but the folks at Mozilla just decided they'd warn you about it.
To avoid the warning:
Doug Wilson, "The Makai Guy"
Win10: FF 52.0 (32bit), TB 45.8.0║ Android 6.0.1: FF 52.0, No TB for Android available, dammit!
What a fool believes he sees, no wise man has the power to reason away - Doobie Brothers
Thanks to you both. Makai, I changed those three options, and as you say the warning has vanished. Reflective, I appreciate the link. Changing to https seemed above my head, and it still looks imposing, but this could help.
May I also ask your opinion about transitioning to https? If I understand correctly, it's designed not so much to protect the site as to protect the privacy of users. (I don't quite understand how, after reading a few online articles, but that's neither here nor there.) In other words, it would be to protect my identity from my admin page, or from me! It's of obvious advantage to a commerce site that asks for payments, but that's different. And of course it would cost me a small sum each year for the certificate. So is it really worth it?
It would basically double my webhosting costs, just for a single domain. I would have to pay for both a private IP address (on shared hosting) and the certificate. My blog has been this way for 10 years. Until WordPress itself or something requires SSL I'll just let it be. I do other things like banning all other IP addresses except mine from being able to log into my site. There is no reason for someone else to log into my blog or galleries.
My Firefox Config
7 posts • Page 1 of 1
Who is online
Users browsing this forum: Google [Bot] and 17 guests