ssl login

[tiptopx10]

Tried searching for this, but couldn't find an answer.

Now, I'm new to this so I may be mistaken :happysad:. My query involves various login pages on x10hosting, the one on cpanel for example. Not once were any of these login pages over ssl (tls). Should that not always be the case when people are sending password information though?

 

[Linkz0rs]

cPanel has an ssl login option.
Just put https://yourserver.x10hosting.com:2083
For example, if your on Lotus... https://lotus.x10hosting.com:2083

The other pages on x10, you can switch to secure, but most of the time you will probably end up with a certificate error because it's self-signed... But you can just ignore that and continue.

https://lotus.x10hosting.com:2083
https://stoli.x10hosting.com:2083
https://cossacks.x10hosting.com:2083
https://boru.x10hosting.com:2083

etc...

 

[davearonson]

Two points:

First, for the users, just because the page is not secure, doesn't mean that it won't transmit the data securely. The question is, what's the form action URL? If it's submitting it to an https address, it'll send it securely. On the other hand, most folks don't know that, and only look at the page itself. Which brings us to:

Second, a suggestion for x10, it might help reassure people, plus actually improve security a bit (by having more folks use the secure version), if there were a prominent link from the unsecure version to the secure version.

 

[Bryon]

The other pages on x10, you can switch to secure, but most of the time you will probably end up with a certificate error because it's self-signed..

This isn't the case anymore, our servers are no longer self-signed with SSL certificates.