Schar 4 Posted September 11, 2016 Posted September 11, 2016 Hi Is it possible to force HTTPs on the emby connect login and server management pages? That could be pretty sensitive information (depending on people's media collections) so protecting credntials is ideal. That or put a big red warning on the screen if it is not over SSL. Same goes for the community login pages and anywhere else that your credentials can be used. Cheers
Schar 4 Posted September 13, 2016 Author Posted September 13, 2016 Just for clarity - this is for the public websites (http://*.emby.media), not what emby serves us internally I note that SSL is available on those sites, it is just a matter for force redirecting to the SSL pages (alternatively, putting a big red UNSAFE logo on the HTTP pages and a link to https)
Happy2Play 9713 Posted September 13, 2016 Posted September 13, 2016 Just for clarity - this is for the public websites (http://*.emby.media), not what emby serves us internally I note that SSL is available on those sites, it is just a matter for force redirecting to the SSL pages (alternatively, putting a big red UNSAFE logo on the HTTP pages and a link to https) I guess that is a matter of perception.
Schar 4 Posted September 14, 2016 Author Posted September 14, 2016 True, but no real excuse these days not to encrypt credentials or other (potentially) sensitive information. Especially when certificates are already in play. 1
anderbytes 141 Posted September 16, 2016 Posted September 16, 2016 As a security freak.... I have to agree. HTTPS is never too much. Actually... in future, with HTTP/2 , it will be mandatory 1
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now