Jump to content

Certain pages showing as insecure

Master Disaster
 Share
Go to solution Solved by colonel_mortis,

That's because there are images embedded in it loaded from other domains (such as imgur) that were loaded over HTTP rather than HTTPS. The page is still secure, and there is absolutely no risk of anyone obtaining any information that they couldn't already access (ie. just the domain name), but it does mean that an attacker could replace that image on the page, which is why it's flagged as insecure.

There's not much that we can do about it without breaking image hosts that don't support HTTPS.

Posted

Any page which has an image attached to it is showing as insecure in Firefox

 

Spoiler

 

Untitled.png.28676b39dd41f25d2fa33a07d44

 

 

 

Is this normal or is there something wrong?

Main Rig:-

Ryzen 7 3800X | Asus ROG Strix X570-F Gaming | 16GB Team Group Dark Pro 3600Mhz | Corsair MP600 1TB PCIe Gen 4 | Sapphire 5700 XT Pulse | Corsair H115i Platinum | WD Black 1TB | WD Green 4TB | EVGA SuperNOVA G3 650W | Asus TUF GT501 | Samsung C27HG70 1440p 144hz HDR FreeSync 2 | Ubuntu 20.04.2 LTS |

 

Server:-

Intel NUC running Server 2019 + Synology DSM218+ with 2 x 4TB Toshiba NAS Ready HDDs (RAID0)

Link to comment
Share on other sites
Link to post
Share on other sites
Posted
  • Solution

That's because there are images embedded in it loaded from other domains (such as imgur) that were loaded over HTTP rather than HTTPS. The page is still secure, and there is absolutely no risk of anyone obtaining any information that they couldn't already access (ie. just the domain name), but it does mean that an attacker could replace that image on the page, which is why it's flagged as insecure.

There's not much that we can do about it without breaking image hosts that don't support HTTPS.

HTTP/2 203

Link to comment
Share on other sites
Link to post
Share on other sites
Posted
  • Author
1 minute ago, colonel_mortis said:

That's because there are images embedded in it loaded from other domains (such as imgur) that were loaded over HTTP rather than HTTPS. The page is still secure, and there is absolutely no risk of anyone obtaining any information that they couldn't already access (ie. just the domain name), but it does mean that an attacker could replace that image on the page, which is why it's flagged as insecure.

There's not much that we can do about it without breaking image hosts that don't support HTTPS.

Coolio, thanks Mortis :)

Main Rig:-

Ryzen 7 3800X | Asus ROG Strix X570-F Gaming | 16GB Team Group Dark Pro 3600Mhz | Corsair MP600 1TB PCIe Gen 4 | Sapphire 5700 XT Pulse | Corsair H115i Platinum | WD Black 1TB | WD Green 4TB | EVGA SuperNOVA G3 650W | Asus TUF GT501 | Samsung C27HG70 1440p 144hz HDR FreeSync 2 | Ubuntu 20.04.2 LTS |

 

Server:-

Intel NUC running Server 2019 + Synology DSM218+ with 2 x 4TB Toshiba NAS Ready HDDs (RAID0)

Link to comment
Share on other sites
Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing Forum Bugs and Issues

×