ClassCreator.com | Blockbuster sites, amazing reunions

Share Tips

New Topic Subscription Options  

URL says "not secure"

Forums: General Discussion
Created on: 11/08/18 01:06 PM Views: 254 Replies: 10
Thursday, November 8, 2018 at 1:06 PM

Hi guys!
When I sign on, the URL says not secure and then the web address. Is this a problem? Is it something I can fix, or is it my browser (Chrome)?
Thanks in advance,
Denise

Reply
Thursday, November 8, 2018 at 1:32 PM - Response #1

Hi Denise,

There are multiple pages of the site that are just content without any data entry. Most of those pages are not currently secured as they typically would not require it. All pages that do require security such as the join or sign on pages or any page that includes a financial transaction currently use our ClassCreator.com EV SSL Certificate. We are working on some additional adjustments based on these new browser changes and will notify all administrators when those adjustments are available.

Jessica
Class Creator Support


Reply
Thursday, November 8, 2018 at 2:07 PM - Response #2

Thanks Jessica.

I get that the home page is open, but are you telling me that my profile page is not secure also? Not one person has said anything to me, but I do want some layman's answer to give them in case. I trust you guys. I've been with you nine years (last week). With all the Facebook insecurities and others, I have promised that Class Creator is as safe as anything. So what is a good answer for them?

Denise

Reply
Thursday, November 8, 2018 at 2:55 PM - Response #3

At the bottom of your specific Edit Profile page (everyone has this setting), you have checked the option for : Block Profile Visibility: Block the public and search engines from accessing my Profile and allow only fellow Classmates to view my Profile details. Leave this box unchecked if you also wish to allow the public (friends, co-workers, family members, etc.) to view your Profile details. ... Therefore, your profile is secure. That is a different subject than that of the Not Secure message you are seeing that is generated by the browser.

Here is the answer to this question that I have been sending to other admin who inquire...

Google has updated their browser (and subsequently, major browsers have followed), to alert users whenever they are on any page of any site that is not secured by a security certificate. Your site is currently secured on all pages that were previously necessary such as cart check out pages of the Event Planner as well as your Login pages. Rest assured that your site is safe and secure. However, we are still looking into a solution for admins to acquire a security certificate for their sites so that all pages reflect a secure status. We are working with our team to solve the logistics of this task. We will inform all of our administrators as soon as we have a solution that will work for our unique site scenario.


Reply
Thursday, November 8, 2018 at 3:00 PM - Response #4

Thanks Scott. Yes I have that box checked and I sometimes ask people that don't check it if maybe they do want to do that (?) and everyone has said yes. This is such a great product and everyone who has spoken to me really likes it, and thanks me for doing it. I just want to keep on top of things. Our 50th is in 2021. As I told Jessica, we've been doing this for nine years last week. Wow!

Denise

Reply
Sunday, March 3, 2019 at 3:14 PM - Response #5

When a classmate (or anyone) opens our default class web page, Google Chrome displays the web address as "Not secure". Their standard information drop-down says in red,

"Your connection to this site is not secure. You should not enter any sensitive information on this site (for example, passwords or credit cards), because it could be stolen by attackers..."

I have had classmates tell me that they will not use our site, or not purchase with a credit card on our site, because of that warning. Although I could,I don't ever want to tell users to ignore serious warnings like that on the Internet. Not a good habit to develop with normal users.

Granted the actual login page itself is secure, as is the credit card information page.
But the Edit contact info page, where users enter their personal contact information, shows as Not Secure.
The Edit Profile page, where users enter their personal profile information, shows as Not Secure

While you and I, As administrators, are familiar with and the difference between a site and a page and the limitations on the actual risks of opening a page that is not secure, many, if not most users, do not. When they go to Google, they immediately land on a secure page, just to search for something. That is what they are used to. All the way, while navigating to the secure pages on our site, users are facing a warning saying this site is not secure. Not cool. Security for our users is the name of the game nowadays.

Why does our domain not have a domain validated security certificate and use https:// throughout, so that Chrome has a private connection to our site. What needs to be done to fix this issue. While I registered/own our Domain Name, I do not host our web server.

Thanks

Reply
Tuesday, March 5, 2019 at 11:42 AM - Response #6

Our development team is still working toward a solution for this issue. Google has updated their browser (and subsequently, major browsers have followed), to alert users whenever they are on any page of any site that is not secured by a security certificate. Your site is currently secured on all pages that were previously necessary such as cart check out pages of the Event Planner as well as your Login pages. Rest assured that your site is safe and secure. However, we are still looking into a solution for admins to acquire a security certificate for their sites so that all pages reflect a secure status. We are working with our team to solve the logistics of this task. We will inform all of our administrators as soon as we have a solution that will work for our unique site scenario.


Reply
Tuesday, March 5, 2019 at 1:00 PM - Response #7

Thanks Scott. With 20,024 Classes/(Domains?), that's a lot of Wildcard SSL Certificates. I, for one, would entertain a per-domain add-on, provided the annual cost does not get out of hand.

Reply
Tuesday, March 5, 2019 at 5:30 PM - Response #8

That is something that the team is looking into as an option. There are still other hurdles that are above my head in terms of explanation that they need to consider.


Reply
Monday, April 8, 2019 at 5:48 PM - Response #9

The most recent update to Safari also results in "Not Secure" in the URL

Reply
Tuesday, April 9, 2019 at 11:08 AM - Response #10

Yes - I believe most have adopted this this new practice. We are still working on a solution.


Reply
New Topic  
Subscription Options: Have all new forum posts sent directly to your email.
Subscription options are available after you log in.