Not secure

[Solvo]

dodgy config on the webserver.

It's only using HTTPS for some bit of the site, not all pages & elements, so chrome flags the whole site as insecure.
Feel free to use https://www.airgunbbs.com/ if you want the fully secured version, though it wont load right in the browser.

Given there's no payment portal and very little in the way of personal data it likely doesn't matter.

[rogb]

I don't really agree with the "no payment so no need to secure site". As the site is not encrypted, it is much easier harvest ALL the log-ins, passwords and user name (some of which may be in use elsewhere), emails, town (as required by AGBBS) and other personal information.

The BBC, for example, uses HTTPS protocol, because that is the expected standard these days. It's full of public information, so why bother?

Let's say somebody was hooked into your wi-fi, they could see every non-secured site you visit, like this one. They could also in theory access your log-in details and use them maliciously. Not likely but possible.

It is also much easier to redirect users to an "imposter" site when using non secure HTTP.
It's cheap and easy to secure a site these days, so why not do it?

That's why I log out of this site when I am not accessing NAG or sales...

[MartynB]

Let's say somebody was hooked into your wi-fi, they could see every non-secured site you visit, like this one. They could also in theory access your log-in details and use them maliciously. Not likely but possible

I would hope that you are changing the default settings on your WiFi, creating a complex key and hiding the SSD so only those who know the key and SSID can connect

[rogb]

I would hope that you are changing the default settings on your WiFi, creating a complex key and hiding the SSD so only those who know the key and SSID can connect

99% of users who don't have any idea how ( or why to) do this, a savvy person could still hack into WPA/WPA2 with some handy tips from your friend YouTube.
https://www.youtube.com/watch?v=Fynh7oP9Lio

At least if pages accessed are SSL encrypted, only IP addresses can be seen.
To the OP, this has nothing to do with firewalls That "protects" your computer but not the wifi router.

If you watch this, you will understand why I have tape over my laptop webcam. It's so easy, it's scary!
https://www.youtube.com/watch?v=-0ofQsAwF2I

[BEESA]

I used to get that message to ! I now log in through Firefox and now no warning at all
Don

[Solvo]

I used to get that message to ! I now log in through Firefox and now no warning at all
Don

That's because Firefox only warns is the page is completely insecure, Chrome flags a whole page as insecure if there is at least one insecure element in the page as it leave the secure elements vulnerable to known exploits.

Not sure why all the links redirect back to plain HTTP either. As I said originally, bit of dodgy config.
Certainly could be improved by the site admins, the SSL implementation isn't great for the secure side either.
Report here: https://www.ssllabs.com/ssltest/anal...=airgunbbs.com

[rogb]

That's because Firefox only warns is the page is completely insecure, Chrome flags a whole page as insecure if there is at least one insecure element in the page as it leave the secure elements vulnerable to known exploits.

Not sure why all the links redirect back to plain HTTP either. As I said originally, bit of dodgy config.
Certainly could be improved by the site admins, the SSL implementation isn't great for the secure side either.
Report here: https://www.ssllabs.com/ssltest/anal...=airgunbbs.com

https://www.openssl.org/

It's free. There's no reason, assuming it's compatible with AGBBS server (Apache), not to use it. Sys admins please take note. Thank you