[S] Unsecured Site Triggering Antispam/Antivirus

Post about any bugs or other issues that you find on AAO.

Moderator: EN - Forum Moderators

Forum rules

[S] Unsecured Site Triggering Antispam/Antivirus 

Postby E.D.Revolution » Thu May 28, 2020 8:15 am

The problem I'm reporting is literally in the title.

A little context:

As I was logging in to check my messages and whatnot, my browser did a Forbidden Error and my antivirus software triggered for "Online Threat Protection." This is because there is no encryption on this website. I'm saavy enough to know that this site is safe relative to other sites on the internet. However, for potential users, it's not fair to expect them to turn down their shields for this website in order to get this site to work for them.

Hell, C-R has encryption protection.
Image
User avatar
E.D.Revolution
 
Posts: 5734
Joined: Mon Jul 26, 2010 9:00 pm
Location: Across dimensions, transcending universes
Gender: Male
Spoken languages: English and decent Spanish

Re: [S] Unsecured Site Triggering Antispam/Antivirus 

Postby ThePaSch » Thu May 28, 2020 1:12 pm

I'm guessing this is because the site does not utilize HTTPS. I wasn't aware that there's already security software out there that makes it mandatory and blocks any site that doesn't use it - the portion of the web where this is the case is still quite large, I think - but that means there are plenty of benign websites outside of AAO that would get blocked for users of such software.

I don't personally see a reason why we couldn't switch to HTTPS; ever since the Let's Encrypt CA is a thing, I don't think there's any non-technical excuse not to. This is something that Unas would have to do. Perhaps there are technical reasons why doing it might be a little more difficult than might meet the eye?
Image
User avatar
ThePaSch
Moderator
 
Posts: 1248
Joined: Sun Jun 13, 2010 5:56 pm
Location: Germany
Gender: Male
Spoken languages: English, German (native)

Re: [S] Unsecured Site Triggering Antispam/Antivirus 

Postby Enthalpy » Sat May 30, 2020 12:31 am

I'll bring this to Unas's attention. That's as much as I can do.
[D]isordered speech is not so much injury to the lips that give it forth, as to the disproportion and incoherence of things in themselves, so negligently expressed. ~ Ben Jonson

Current AAO Development Priority: Issue #94: Grayscale Mode
User avatar
Enthalpy
Community Manager
 
Posts: 4770
Joined: Wed Jan 04, 2012 4:40 am
Gender: Male
Spoken languages: English, limited Spanish

Re: [S] Unsecured Site Triggering Antispam/Antivirus 

Postby E.D.Revolution » Mon Jun 01, 2020 3:05 am

I can tell you exactly what's triggering antivirus/antispam software. Not the fact that I'm using the website, not the fact that I'm logging in (in of itself, that is). It's the fact that a redirect happens after inputting credentials successfully that's tripping the software. It thinks because AAO doesn't use HTTPS, therefore my account is at risk of being hacked when I input my credentials.
Image
User avatar
E.D.Revolution
 
Posts: 5734
Joined: Mon Jul 26, 2010 9:00 pm
Location: Across dimensions, transcending universes
Gender: Male
Spoken languages: English and decent Spanish


Return to Bug reports

Who is online

Users browsing this forum: No registered users and 1 guest