Do all the things like ++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatarSign Up
Matthewb119219dNow you're thinking with portals
Voxera1012819dIt depends, they might use a vpn to protect it, or a dedicated line.
We run our own load balancers that terminated https but everything else was in internal network.
And then you have sites that never used https but got it in the package when using a cloud front.
They never bothered with security but the front helps their google standing.
sbiewald369319d2FA helps against insufficient protection from passwords, not against sniffing.
Also the following is not unlikely:
User -- HTTPS -> Cloudflare w TLS termination -- HTTPS -> Site
hjk101238314dWhen your site resides on Amazon servers it might be acceptable as it is not a closed network and you trust AWS not to snoop (else you would not let them cache/decrypt your resources) if your site resides elsewhere you really should use https on your site and let CF use that to fetch ( as @sbiewald described)
AtuM45214dInho having a secure frontend and a non-secure backend connection over an unsecure link is a cheap way to score points on google and a way to trick users that the service is secure. I would ban such sites/services from the internet as users' data gets exposed.
Stress9> Claims to be a security expert and an Anonymous member > His router uses WEP as encryption
shellbug6Conversation between some kind of executives on the table next to mine: A: do you know this app that'll let y...
err-occured24Fuck me, big fucking security flaw with a UK internet service provider, my head has gone through my desk and h...