XF 1.4 Forse SSL for Login-Form

schroeffu

schroeffu

Active member
Licensed customer
Hi Team,

i've the problem that some plugins aren't running while SSL is active for every site (XenRio Streams for example), so is there any option to only force the Login-Form use SSL/HTTPS, but not on other sites/(sub)pages?

Thanks for any idea.
Regards Schroeffu
 
Sort by date Sort by votes
Yes, but it is completely pointless as the cookie data would then be sent over an insecure connection for all other page loads, allowing someone to hijack the session.

False security.
 
  • Like
Reactions: Xon
Upvote 0 Downvote
Additionally, if the login cookie is created via SSL; XenForo marks it as secure and most sane browsers will then delete the cookie if it touches a non-SSL connection.
 
Upvote 0 Downvote
You must log in or register to reply here.

Similar threads

Ulas K
  • Question Question
XF 2.0 About Change Width Pixels for Popup Login Form
Replies
2
Views
946
Ulas K
Ulas K
raybees
  • Question Question
Cover Image For Login Form
Replies
0
Views
545
raybees
raybees
Napalm_beach
  • Question Question
XF 1.5 Alternative login form?
Replies
2
Views
668
htweet
htweet
D
  • Question Question
XF 1.5 SSL for certain pages does not work as it should.
Replies
2
Views
843
Mr Lucky
Mr Lucky
D
  • Locked
  • Question Question
XF 1.5 Enabling sign-in with Google breaks layout of login form
Replies
1
Views
483
Paul B
P
Back
Top Bottom