Require https to logon to clueless

Ever since I can remember, it's possible to logon to clueless via http or https.

From a security point of view, logging on via http is inadvisable.

Can you either:
(a) have http://clueless.aa.net.uk redirect to the https version, so logon is always via https; or
(b) if there's a perceived need to retain http access, put a big warning on the http logon page and a link to the https version; this will help prevent people accidentally using http when they wanted https.

Martin Radford , 08.05.2013, 14:56

Response from the site administrator

aaisp, 21.04.2015

This was implemented a while back - (sorry for delay in replying here)

Idea status: completed

Comments

Without registration

Name		Required
e-mail		Required

Login		Use 3 to 18 characters, Latin characters or numbers	This login is not availableThis login is available
e-mail
Password		Use 3 to 18 characters, Latin characters or numbers
Re-type password
	Remember me

	Sign up

Login
Password		Forgot your password?
	Remember me


E-mail

Require https to logon to clueless

Comments

Leave a comment