[aur-general] Securing the AUR website
Loui Chang
louipc.ist at gmail.com
Sat Aug 6 04:52:50 EDT 2011
On Sat 06 Aug 2011 13:39 +0200, Thomas Bächler wrote:
> Alternatively: Do not display a login form on http, instead display a
> link "If you want to login, switch to a secure connection first.". This
> way, the user verifies the certificate and URL first (by looking at the
> URL bar), then enters his password.
I agree with this. As long as the rest of the site is functional via
http.
More information about the aur-general
mailing list