+3
Planned

Force HTTPS

Liam Slater 5 years ago • updated by RaMMicHaeL 3 weeks ago 2

I really like Userecho but when I went to reset my password and try signing up for a free forum to test it out I noticed that my settings page was over HTTP, as was everything I was trying to do on the site.


Userecho really needs to set user cookies as secure only and put login forms on HTTPS pages

+1, especially now when browsers begin to warn when http is used.


Chrome: https://venturebeat.com/2017/01/26/chrome-56-arrives-with-warning-for-http-password-and-credit-card-webpages-faster-page-reloading/


Firefox: https://blog.mozilla.org/tanvi/2016/01/28/no-more-passwords-over-http-please/


I know that UserEcho supports https, but doesn't use it by default. Many websites redirect to https, please do the same.