enable https access to the support/ticket system

jlv · #1 12-09-2007, 12:39 PM

I was surprised to find that I needed to send my username/password over a plaintext http request to login to the support system to view tickets, etc. https://support.hostgator.com/ (and/or https://secure.hostgator.com/support.shtml) works, but some of the links take you to the unencrypted pages (i.e., 'submit a ticket'). It would be a nice (albeit small) improvement in security to switch all the support pages to only use https.

Sam · #2 12-09-2007, 12:44 PM

'Submit a ticket' is secured.. its just there are images on that page that come from http://hostgator.com

jlv · #3 12-09-2007, 01:12 PM

Are you sure? I just double checked, and it's all going over insecure connections. I even captured it in a packet trace, and can see the data in-the-clear.

Even if I start from https://support.hostgator.com/index.php, 'submit a ticket' goes to a secure page, but the form to select a department posts it's result to http://support.hostgator.com, so it ends up on an insecure page.

Sam · #4 12-09-2007, 01:18 PM

Oh yes your correct. Sorry

I didn't go past the select department

Chimpie · #5 12-09-2007, 01:26 PM

Someone should send a ticket about this. LOL

willow1872 · #6 12-10-2007, 06:45 AM

I agree