HTTPS not enabled for
Open, Needs TriagePublic


What is happening:
Https doesn't seem to be enabled for and everything (including credentials) is send in cleartext. Please set up https.

Related Objects

And once HTTPS is enabled, please run it through the Mozilla Observatory (or comparable tools) and try to increase the security score as much as feasible:

StringCheese added a subscriber: StringCheese.EditedOct 12 2017, 1:38 AM

I'll second this motion. The LoE team makes this website near-mandatory for reporting bugs, and all players, children included, are directed towards it when discussing them.
Mixing a group that probably defaults to the same password with an unsecured login seems like a really, really bad idea.
I made a unique password for this site and I doubt there is someone snooping through my traffic, and I still don't feel comfortable logging in here.

Maze added a subscriber: Maze.Jan 5 2021, 1:51 PM

Hey, just wanted to bump this ... there's authentication on this site, over HTTP, and passwords can easily get stolen. Your users are probably using the same passwords for and ... as well as everything else. Would be nice to take action before the next cyberattack ;-)

This comment was removed by justin.