DevForum is "Not Secure"

ToonShader · June 13, 2020, 11:14pm

I don’t know if ROBLOX didn’t pay as much for security on the DevForum, or if it’s some glitch, but the forum is not secure.

sjr04 · June 13, 2020, 11:15pm

It is secure.

This usually happens when you are on the page for a long time then the lock goes away. Refreshing the site brings it back.

LifeDigger · June 13, 2020, 11:16pm

Hello @ToonShader,

I believe that this means your browser is not secure and is not the site. Also if I am correct Roblox does not own the forum and creates it from a website (discord). It does not say that for me so it may be your browser that is not secure.

Hope this helps,
LifeDigger
Builder

PeZsmistic · June 13, 2020, 11:16pm

This happens when the thread you’re viewing contains an <img> using http instead of https. This is generally fine.

For example:
<img src=http://i.imgur.com/Gyh7FLX.png>

ToonShader · June 13, 2020, 11:18pm

I never knew that could happen! Thanks for telling me!

DeveloperTurtle · June 13, 2020, 11:34pm

I think you mean Discourse also like @PeZsmistic said, it is when the image is HTTP. Also if I am correct it means the website isn’t secure, the search engine probably wouldn’t say if they are “Not Secure”

unix_system · June 13, 2020, 11:54pm

This isn’t accurate - Roblox host this forum themselves (not Discourse), and it’s also under their domain, meaning that SSL is generally their responsibility.

Likewise, it isn’t about the client’s security - “this site is secure” means that Roblox has an SSL certificate, meaning that you can trust that:

The connection can’t be intercepted by an intermediary party (for example, someone listening to to your network)
The website is who they say they are (so, for example, if google.com has the padlock, it is google.com being shown to you, not bing.com

WaviestBalloon · June 15, 2020, 6:17am

A bit odd, since I believe Imgur forces HTTPS, strange. (I only use CloudFlare and there’s an opinion to force HTTPS but eh just thought I would pop in quickly)

spidy123222 · June 16, 2020, 6:38am

Actually ROBLOX Dev forums is run on Discource. I totally agree with what your saying about SSL certificates.

But there is viruses that can track your traffic but that’s something else. If it’s constantly not secure then I would be a bit concerned for a man in the middle attack or a virus on the same device.

On chrome you can get a extension that makes all sites secure using SSL some how but I’m unsure how that works really.

Regalijan · June 16, 2020, 8:04am

That blog post is years old, and their current customer list does not mention Roblox anywhere, so I’m not sure about that. In the case of a MITM attack you would most likely see a certificate error.

Yes there are extensions such as HTTPS Everywhere, but many of them are whitelist-based, which usually requires the operator to add their site.

icrann · June 17, 2020, 9:51am

It would help if you could tell us which browser your using. Thanks

byc14 · June 17, 2020, 11:44am

Closed because the question was already answered.