1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Add-on Require SSL for account operations

Discussion in 'Custom Service/Development Requests' started by Shiro, Apr 10, 2014.

  1. Shiro

    Shiro Well-Known Member

    There should be an addon that requires and redirects users to a secure (https) connection when performing the following actions:
    • Creating An Account
    • Logging Into An Account
    • Changing An Account Password
    • Resetting An Account Password
  2. SamL

    SamL Active Member

    If you use SSL, why not just re-direct all traffic to it via .htaccess rather than breaking it down by action? There's really no downside.
    Tracy Perry and Jeremy P like this.
  3. Jeremy P

    Jeremy P Well-Known Member

    In truth I think it's a bit silly these days to use partial SSL. Might as well go full SSL, you can take advantage of spdy and it's really not as taxing computationally as it used to be back when partial SSL was common practice.

    .. but this is definitely something to do in .htaccess and not really an addon.
    Liam W and SamL like this.
  4. Liam W

    Liam W Well-Known Member

    There is absolutely no point in using HTTPs for only certain things, as the session id is always transferred anyway.

Share This Page