I MAY HAVE POSTED THIS IN THE WRONG PLACE THE FIRST TIME
I have noticed something that may be alarming and I am wondering if any other users are experiencing the same occurrence. My account was reaching warning notice for inactivity suspension, so I decided that I needed to login.
When I go to login to my account it first returns this screen:
Refreshing the page continues with a successful login and takes me to the control panel. I decided to investigate further.
Opening developer tools and looking at the network log in chrome I see this:
----------------------------------------------------------------------------------------
Code:
Request URL:https://x10hosting.com/sso/login/do_login
Request Method
OST
Status Code:500
Remote Address:***.***.***.***
Response Headers
cf-ray:*
content-type:text/html; charset=UTF-8
date:Sat, 17 Dec 2016 17:08:05 GMT
server:cloudflare-nginx
set-cookie:coken=*; Expires=Sat, 17-Dec-2016 19:08:04 GMT; Max-Age=7200; Path=/; Domain=.x10hosting.com; Secure
set-cookie:x10session=* Domain=.x10hosting.com; Secure; HttpOnly
status:500
vary:Accept-Encoding
x-powered-byHP/5.5.24
Request Headers
:authority:x10hosting.com
:methodOST
ath:/sso/login/do_login
:scheme:https
accept:text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
accept-encoding:gzip, deflate, br
accept-language:en-US,en;q=0.8
cache-control:no-cache
content-length:150
content-type:application/x-www-form-urlencoded
cookie:__cfduid=*; xf_session=*; coken=*; __context=*; x10session=*
origin:https://x10hosting.com
pragma:no-cache
referer:https://x10hosting.com/sso/login
upgrade-insecure-requests:1
user-agent:Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Form Data
view source
view URL encoded
token:*
identifier:plain_text_email@myemail.com
passwordlain_text_password!?
do_login:1
continue:true
usess_u:
usess_d:
----------------------------------------------------------------------------------------
I've replaced possibly sensitive information with an asterisk '*'.
What is alarming here is that my login credentials are sent to cloud-flare servers in plane text, and http only is specified in the headers. This seems very concerning but I do not know enough about SSL and x10hosting login processes to know if it is normal or not. I feel it is not.
My site is still inaccessible even though it says online, and all that I see is:
When I try to access this. I would like help understanding this, as well as what I need to do to get my site functioning properly again.
I've included all links files in the attachments.
I have noticed something that may be alarming and I am wondering if any other users are experiencing the same occurrence. My account was reaching warning notice for inactivity suspension, so I decided that I needed to login.
When I go to login to my account it first returns this screen:
Refreshing the page continues with a successful login and takes me to the control panel. I decided to investigate further.
Opening developer tools and looking at the network log in chrome I see this:
----------------------------------------------------------------------------------------
Code:
Request URL:https://x10hosting.com/sso/login/do_login
Request Method
OSTStatus Code:500
Remote Address:***.***.***.***
Response Headers
cf-ray:*
content-type:text/html; charset=UTF-8
date:Sat, 17 Dec 2016 17:08:05 GMT
server:cloudflare-nginx
set-cookie:coken=*; Expires=Sat, 17-Dec-2016 19:08:04 GMT; Max-Age=7200; Path=/; Domain=.x10hosting.com; Secure
set-cookie:x10session=* Domain=.x10hosting.com; Secure; HttpOnly
status:500
vary:Accept-Encoding
x-powered-by
HP/5.5.24Request Headers
:authority:x10hosting.com
:method
OSTath:/sso/login/do_login:scheme:https
accept:text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
accept-encoding:gzip, deflate, br
accept-language:en-US,en;q=0.8
cache-control:no-cache
content-length:150
content-type:application/x-www-form-urlencoded
cookie:__cfduid=*; xf_session=*; coken=*; __context=*; x10session=*
origin:https://x10hosting.com
pragma:no-cache
referer:https://x10hosting.com/sso/login
upgrade-insecure-requests:1
user-agent:Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Form Data
view source
view URL encoded
token:*
identifier:plain_text_email@myemail.com
password
lain_text_password!?do_login:1
continue:true
usess_u:
usess_d:
----------------------------------------------------------------------------------------
I've replaced possibly sensitive information with an asterisk '*'.
What is alarming here is that my login credentials are sent to cloud-flare servers in plane text, and http only is specified in the headers. This seems very concerning but I do not know enough about SSL and x10hosting login processes to know if it is normal or not. I feel it is not.
My site is still inaccessible even though it says online, and all that I see is:
When I try to access this. I would like help understanding this, as well as what I need to do to get my site functioning properly again.
I've included all links files in the attachments.
