Username
Password
Login is SSL protected. By clicking on "Log in Now" you agree to gixen.com terms of usage.
Forum is available in English only.


   SearchSearch     

Still happy + security suggestion : HSTS

 
Post new topic   Reply to topic    Gixen.com Forum Index -> Impressions
View previous topic :: View next topic  
Author Message
elvey
Guest





PostPosted: Fri Nov 25, 2016 5:27 pm    Post subject: Still happy + security suggestion : HSTS Reply with quote

Love the service. So nice to have a company that isn't in the business of ripping off its own customers for a change. Hope you're having a wonderful thanksgivging. You deserve a big hug.

Just had to go through the gixen.com/whatsmyip.php process.

Pretty painless. Ebay did not ask me to complete a verification process when I placed a bid via the proxy. Hope that doesn't mean it's more likely to block given again soon. Leaving the thing configured for now.

security suggestion : Enable HSTS - hxxps://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security and your users credentials will be safer and I'd bet eBay will block you less.

security suggestion2: don't require logged-in users pass the anti-bot check.
Back to top
Gixen
Advertisements





PostPosted: Fri Nov 25, 2016 5:27 pm    Post subject: Still happy + security suggestion : HSTS

Back to top
Cupid



Joined: 09 Aug 2007
Posts: 5505
Location: Bristol, UK

PostPosted: Sat Nov 26, 2016 8:16 am    Post subject: Reply with quote

The reason that a secure connection is only used when necessary is that it is not possible to host adverts via https, and those help keep the site free for the standard service, and cheaper even when you opt for the upgrade of a Mirror subscription.

This forum is implemented using an off the shelf third party package, integrating it with the login required to support sniping would not be an easy task, with the only advantage being the removal of the requirement to solve a captcha when you post, for some.

This forum is deliberately left open for all to post, whether or not they have ever registered their Ebay credentials with Gixen, or not... also many would not wish to reveal their actual Ebay id when discussing issues here... So there can never be a requirement to log in before using it.

If you intend to use the Forum a great deal it is possible for Mario to set up a forum account for you, once logged into that there is no requirement to use the captcha system in order to post here.
_________________
Mark
Back to top
View user's profile Send private message
Display posts from previous:   
Post new topic   Reply to topic    Gixen.com Forum Index -> Impressions All times are GMT - 8 Hours
Page 1 of 1

 
Jump to:  
You can post new topics in this forum
You can reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum

© 2015 Gixen.com. Forum powered by phpBB © 2001, 2005 phpBB Group.