Chrome has a Not Secure warning ?

[csv8]

When I log into FF, Chrome has next to the web address " a red triangle with Not Secure" when I click on it , it tells me " site is not secure"
Why ? I use Kaspersky Total Security.

[DOC]

Quote:

Originally Posted by csv8

When I log into FF, Chrome has next to the web address " a red triangle with Not Secure" when I click on it , it tells me " site is not secure"
Why ? I use Kaspersky Total Security.

Chrome would detect non https connections as not secure, it has nothing to do with your security / Kaspersky?

FF seems secure at the top level but for some reason, they are not passing the https to the lower levels such as this reply.

Quote:

The site isn't using a private connection. Someone might be able to see or change the information you send or get through this site.

On some sites, you can visit a more secure version of the page:

Select the address bar.
Delete http://, and enter https:// instead.
If that doesn't work, contact the site owner to ask that they secure the site and your data with HTTPS.

Edit / it seems to be passing the https but not sure why it gives a warning as insecure?

[DaveD]

Following on from DOC's reply

I don't see any security warnings using Chrome but I can sort of replicate OP's warning by changing from https:// to http:// in the web address bar.

csv8 - if you log in to FF using a Bookmark or Desktop shortcut, check that the URL (of Bookmark/Shortcut) is prefixed with https://. Warning should go away if you use https://www.fordforums.com.au

The only thing I can't replicate is the red triangle icon, ie, I only see a circled "i" icon if I browse FF using http://www.fordforums.com.au.

[DOC]

Quote:

Originally Posted by DaveD

I don't see any security warnings using Chrome but I can sort of replicate OP's warning by changing from https:// to http:// in the web address bar.[/url].

select to reply to a post and look up the top (while in reply mode) you will now see the i (info) button instead of a lock and then you can click to see it says not fully secure.

[BlueBear]

Says not secure on mine too, but I'm still using Windows 7 so thought that may be the prob.
Doesn't concern me anyway...

Cheers,

[DaveD]

Quote:

Originally Posted by DOC

select to reply to a post and look up the top (while in reply mode) you will now see the i (info) button instead of a lock and then you can click to see it says not fully secure.

Gotcha, I do see the 'i' icon (and not secure warning) in the reply page now that you pointed it out. Still don't see it anywhere else.

According to Chrome Dev Tools > Security, the reply-to page is trying to access an image over http://

Quote:

Mixed Content: The page at 'https://www.fordforums.com.au/newreply.php?do=newreply&p=6400459' was loaded over HTTPS, but requested an insecure image 'http://fordforums.com.au/images/buttons/YouTube.gif'. This content should also be served over HTTPS.

So that's the reason for the 'i' icon.

I still can't replicate a red triangle warning though like the OP, and that's what got me interested in the thread.

I'm using macOS High Sierra (old version I know) + Latest Chrome if that makes any difference to the tech admins.

[russellw]

OK. I can fix the image loading - when we migrated to SSL obviously there are still some templates that are using http rather than https and they are obviously bypassing the rewrite rule that converts everything else to https. I'll track down any templates still calling http and fix them.

[russellw]

I've fixed a few of the internal templates that were (somewhat ironically) calling the Comodo Trust logo via http rather than http. I'm still tracking down where the image icons are being called from ...

[russellw]

.. and I fixed that button which was the only one that was being called with a full URL rather than a shortcut.

There can still be issues where users post pictures using http rather than https but that's a bit beyond out control.