Liam Slater 6 years ago • updated by RaMMicHaeL 1 year ago 2

I really like Userecho but when I went to reset my password and try signing up for a free forum to test it out I noticed that my settings page was over HTTP, as was everything I was trying to do on the site.

Userecho really needs to set user cookies as secure only and put login forms on HTTPS pages


+1, especially now when browsers begin to warn when http is used.

Chrome: https://venturebeat.com/2017/01/26/chrome-56-arrives-with-warning-for-http-password-and-credit-card-webpages-faster-page-reloading/

Firefox: https://blog.mozilla.org/tanvi/2016/01/28/no-more-passwords-over-http-please/

I know that UserEcho supports https, but doesn't use it by default. Many websites redirect to https, please do the same.