1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

XF 1.4 SSL (https) only for Login

Discussion in 'XenForo Questions and Support' started by vFranky, Jul 26, 2015.

  1. vFranky

    vFranky Active Member


    is it possible to configure and use https only for XenForo-login? How?

    I want to change to SSL, especially for Login. I'm afraid that a complete transfer of all pages to SSL will produce to much overhead for the server, someone said 10 times more than normal http.

    Kind regards,
  2. Liam W

    Liam W Well-Known Member

    Setting it for login only won't work really.

    The created cookies would be marked as secure only, and the user would then be logged out when they visited a non-SSL page.

    Also, there really is no point in having SSL on login only. While their login details would be secured, the session cookie wouldn't, and anyone on the same network as them would be able to steal the contents of that cookie and access the site as that user.

    vFranky likes this.
  3. vFranky

    vFranky Active Member

    Thank you. Liam.

    Lots of people advice me not to chance to complete SSL encryption of the whole forum content. They say that there are often problems / errors with banner advertisments.
  4. Mouth

    Mouth Well-Known Member

    You're listening to people with outdated, and thus uneducated, information and knowledge.
    Xon likes this.
  5. vFranky

    vFranky Active Member

    But the problem with banners (even AdSense) seems to be very real.
    Any expert knowledge is welcome.
  6. Mouth

    Mouth Well-Known Member

    I've had SSL for over 18mths, and mandatory for around 6 mnths.
    No drop in advertising income during this time.
    vFranky likes this.

Share This Page