Yea, they really need to fix this. I am not feeling very safe on here at all! Every single time I try to log in or go to the papaya game or forum page, my browser keeps giving this warning:
Your connection is not secure
The owner of www.papayaplay.com has configured their website improperly. To protect your information from being stolen, Firefox has not connected to this website.
Learn more…
Report errors like this to help Mozilla identify misconfigured sites
www.papayaplay.com uses an invalid security certificate.
The certificate is not trusted because the issuer certificate is unknown. The server might not be sending the appropriate intermediate certificates. An additional root certificate may need to be imported.
So, what we have - few urgent holes that must be fixed : http, web server http reading from microsoft sql server, http forum-like showing the users logging credentials.
Solution:
- web server on htts with valid certificates for all sub-directories - the forum shouldn't read game's database user credentials - it is best if the forum uses MySql with 128bit(or higher) encryption and users wiling to use it should create separate logging for the forum - easier to manage and better save that sorry.
I am loosing confidence in the new publishers already. It's very poor management, that they haven not made any of this HTTPS. And there is no reason why this was not set up to begin with, so that we could all CHOOSE our OWN Screen name for forum, not showing our personal logins!
I also created a separate forum only account. We should not have to do that though.
+10 for this post, just wish they would do something about it all. *frowns*
Well...the main page is https lol, but nothing here. This is why I don't any of my accounts on the forum. I made ONE account just for forum posting. This forum needs a few changes and I hope that at some point they get around to doing them. I get they have a lot to do with game bugs and issues but the forum part should have been setup well before.
Comments
Your connection is not secure
The owner of www.papayaplay.com has configured their website improperly. To protect your information from being stolen, Firefox has not connected to this website.
Learn more…
Report errors like this to help Mozilla identify misconfigured sites
www.papayaplay.com uses an invalid security certificate.
The certificate is not trusted because the issuer certificate is unknown.
The server might not be sending the appropriate intermediate certificates.
An additional root certificate may need to be imported.
---------------------------------------------------------------
Papaya play needs to step up and fix this issue!
And we should be able to choose our own forum screen names, that's just wrong.
http, web server http reading from microsoft sql server, http forum-like showing the users logging credentials.
Solution:
- web server on htts with valid certificates for all sub-directories
- the forum shouldn't read game's database user credentials - it is best if the forum uses MySql with 128bit(or higher) encryption and users wiling to use it should create separate logging for the forum - easier to manage and better save that sorry.
I also created a separate forum only account. We should not have to do that though.
+10 for this post, just wish they would do something about it all. *frowns*