How can we improve Gameolith for you?

SSL/HTTPS support

As far as I can see there is currently no support for encrypted communications with the Gameolith site.
Due to the commercial nature and personal data, I think it is absolutely vital to provide that in the near future.

12 votes
Vote
Sign in
Check!
(thinking…)
Reset
or sign in with
  • facebook
  • google
    Password icon
    I agree to the terms of service
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    thomasgthomasg shared this idea  ·   ·  Admin →

    4 comments

    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • facebook
    • google
      Password icon
      I agree to the terms of service
      Signed in as (Sign out)
      Submitting...
      • MikeMike commented  · 

        Well, the "sign in" link does not enforce SSL... So please change that and the password reset (and change password from the user profile page) links to https. I'm not a specialist, but isn't there a way to actually disable non-SSL access for all pages under /accounts, so that accessing them with an http:// link is impossible?

      • janMakujanMaku commented  · 

        I know this is marked as completed, but while it is possible to manually switch to SSL login by entering https:// in the URL, it is not enforced by default. After logging in the navigation remains non-SSL (but that is not such a big issue, although I feel safer with sites permenently keeping me on an SSL connection like gmail does).
        Another thing is SSL when resetting the password. I just did that and got a normal non-SSL link.

      • AnonymousAnonymous commented  · 

        Starting an online store without SSL is like... starting an online store without SSL.
        Sorry, I couldn't think of anything else quite so irresponsible.

        It really doesn't engender confidence in the site, when basic security is deemed a lower priority than "scaling". Especially at a stage when scaling REALLY shouldn't be an issue.

      Feedback and Knowledge Base