Force HTTPS at emby connect login

[Schar 4]

Hi

 

Is it possible to force HTTPs on the emby connect login and server management pages? That could be pretty sensitive information (depending on people's media collections) so protecting credntials is ideal. That or put a big red warning on the screen if it is not over SSL.

 

Same goes for the community login pages and anywhere else that your credentials can be used.

 

Cheers

[Schar 4]

Just for clarity - this is for the public websites (http://*.emby.media), not what emby serves us internally

 

I note that SSL is available on those sites, it is just a matter for force redirecting to the SSL pages

(alternatively, putting a big red UNSAFE logo on the HTTP pages and a link to https)

[Happy2Play 8296]

Just for clarity - this is for the public websites (http://*.emby.media), not what emby serves us internally

 

I note that SSL is available on those sites, it is just a matter for force redirecting to the SSL pages

(alternatively, putting a big red UNSAFE logo on the HTTP pages and a link to https)

I guess that is a matter of perception.

[Schar 4]

True, but no real excuse these days not to encrypt credentials or other (potentially) sensitive information. Especially when certificates are already in play.

[anderbytes 139]

As a security freak.... I have to agree. HTTPS is never too much.

 

Actually... in future, with HTTP/2 , it will be mandatory