jump to last post 1-5 of 5 discussions (12 posts)

How safe are our Hubpages accounts? No encryption and no SSL

  1. Cardisa profile image91
    Cardisaposted 4 years ago

    A few weeks ago Hubpages SSL Certificate expired and we were told that the issue has been taken care of.

    The network that Hubpages is now hosted on does not allow for SSL certificates to be added to your domain. I should know, I have a site there. They claim that they protect your information on their servers yet visitors to their sites will have a warning that the site is suspicious.

    I'll now prove that HP is not secure. If you are using Chrome, in your navigation bar at the far left next to the web address you will see a file type icon. Hover your mouse and you will see "view site information". Then click to view site information.  You will see two tabs: permission and connection. Click the connection tab.

    You will see two major pieces of information: (1) The identity of this website has not been verified. (2) Your connection to Hubpages is not encrypted.

    The third proof is the site's URL. http://hubpages.com/feed/. Notice the data transfer protocol (http). Notice that the s is missing, which means the secure sockets layer is missing. Using plain HTTP means that information from the site are sent over the internet via plain text. Anyone with a sniffer software can intercept our information.

    1. Randy Godwin profile image91
      Randy Godwinposted 4 years ago in reply to this

      Could this be a reason for the lack of traffic or for the mass of hubs being stolen on here lately, Carolee?

      1. Cardisa profile image91
        Cardisaposted 4 years ago in reply to this

        I have been wondering if the lack of secure feature are detering visitors. Before HP switched to Ning we got more traffic.

        1. SimeyC profile image89
          SimeyCposted 4 years ago in reply to this

          Why would this change traffic? most people do not even realize there is a difference between security on some sites. I'm a computer geek who knows all about PII etc. (it's part of my job) - however I very rarely look at the 'http' or 'https' - I tend to look at the domain! I know hubpages.com is legit, I know amazon.com is legit etc.

      2. SimeyC profile image89
        SimeyCposted 4 years ago in reply to this

        This shouldn't make a difference to traffic or stolen info  - secure SSL is primarily to stop hackers getting into your personal account and stealing PII.

    2. wilderness profile image96
      wildernessposted 4 years ago in reply to this

      If you go to the earnings page it is secured.  Both the padlock and the "s" suddenly appear.

      Isn't that the only page we really care about?  Or does being secured some help prevent hackers from coming in and changing our hubs?  It certainly won't prevent theft of a hub - outside of securing personal information what good is it?

      1. Cardisa profile image91
        Cardisaposted 4 years ago in reply to this

        There is no security for the stats page or some of the other pages in our account.

        1. wilderness profile image96
          wildernessposted 4 years ago in reply to this

          I didn't check everything, but our financial accounting area is the only thing I found that has security.

          I'm not really up on this, but isn't that all we need?  Guess I'm not seeing any value in securing the other pages, including stats, given that a hacker can't change them, and I didn't think that was a part of SSL.

          Am I wrong here?

  2. K9keystrokes profile image91
    K9keystrokesposted 4 years ago

    Dang....cool

  3. janshares profile image90
    jansharesposted 4 years ago

    Sheeeesh!!! Not good. Thanks for the fyi.

  4. 2uesday profile image87
    2uesdayposted 4 years ago

    Thank you Cardisa for posting this information so that we are aware of it.

  5. Cardisa profile image91
    Cardisaposted 4 years ago

    Thanks for the reply guys. I am just concerned about this. With all the thefts and hacking on the internet, I cannot believe that a content site such as this would not be more secure. I know the SSL cannot prevent content thieves but it does help to authenticate a site so visitors will feel more secure.

    When I use IE to log on, my site scanner app tell me that the site is suspicious and I have to wonder how many people might be getting the same warning.

 
working