Enable HTTPS/SSL/TLS at forums.pcbsd.org
|Reported by:||badon||Owned by:||kris|
HTTPS security has been requested for the PCBSD forums, in the posting Forum SSL improperly configured. I marked the priority of this feature request as critical because all forum information, including passphrases, are handled with no security at all. Anyone eavesdropping on a connection will easily be able to:
- Identify a user that may wish to remain anonymous.
- Login to read PM's.
- Impersonate the user for social engineering attacks.
- Attempt to access other accounts with the same passphrase.