I started using Firefox instead of IE a few months ago. About a third of the time, when I click on a thread, I get a warning from Firefox:
If I hit the back button, I go back to the thread list. Sometimes it takes several tries to get to the thread, sometimes I get there on the next try.
Why does this happen? What can I do to prevent it?
all it’s saying is that SDMB is not using HTTPS (secure/encrypted HTTP.) I don’t think it’s related to the other issue you’re having.
Should I care that SDMB is not using HTTPS? If not, is there anyway I can prevent Firefox from caring about it specifically for the SDMB pages?
In this case, I wouldn’t worry about it. not using HTTPS means that someone could theoretically see what information you’re sending to the SDMB, and what it’s sending back. since this is just a publicly-accessible message board, all they’d be able to see is what they can already see here anyway*. you would definitely want e.g. your bank’s website to be using HTTPS.
I don’t think FF lets you disable this warning on a per-site basis, you can only toggle it on/off globally.
Just remove the “s” from the URL you are linking to. This thread should be
http://boards.straightdope.com/sdmb/showthread.php?t=830963
While
https://boards.straightdope.com/sdmb/showthread.php?t=830963
will give the error.
That’s not the error the OP is talking about.
Newer versions of Firefox and Chrome bitch because we have a login box on the page and we don’t use https. In the nearly two decades that the SDMB has been around it’s never been a problem, but newer browsers are pushing for better security.
It’s not that big of a deal.
On Firefox, you can disable it by going into about:config (you’ll have to google the exact setting, I don’t remember it off the top of my head), but that enables or disables it everywhere. I don’t think it is possible to enable/disable it on a site by site basis in Firefox.
The straight dope does not have their HTTPS certificates setup incorrectly. The certificate presented is for *.cloudfront.net not straightdope.com. I am sort of surprised that https://boards.straightdope.com works at all.
Maybe the better question is why DON’T we have https? It’s free from letsencrypt, cheap everywhere else, and takes a few minutes to set up.
It’s the same exact error message.
For the SDMB, not specifically, however:
1). If an email from your bank directs you to the bank’s webpage, and Firefox reports that its not secure, not using https:, well, stop, 'cause Yikes. Yikes. And double Yikes.
2). If your password is the same for SDMB as for your banking password, well, stop, 'cause Yikes, people might be able to see it, and maybe use it.
I don’t know how to make Firefox not report this, which it will do for a number of casual web-pages that require a login. I do wish it was less obtrusive 'tho.
Sun-Times Media like the previous owners the Chicago Reader don’t really care about this message board.
It exists mainly through a few people at the Reader keeping it going without interfering with their real jobs and volunteer moderators. It does not really take a few minutes to setup. It takes a few hours to maybe more to find out how your hosting company handles certificates. The end result when you know how your hosting company handles certificates probably takes a few minutes.
Well, it would be nice if they stopped giving Google those invalid https links for absolutely no good reason.
Somehow, by some insane, obscure mechanism, other http-only sites manage to avoid that problem.
Do you maybe have the HTTPS Everywhere add-on installed on your computer?
Excellent question, but since it concerns this Board, let’s move it to ATMB rather than General Questions.
samclem, moderator.