/
/

Site Navigation

Your Account

Choose Language

Options

No HTTPS in emails

As I have recently asked a question, and received a response, I have gotten an email from ifixit letting me know

However, none of the links in the email are using HTTPS.

It also appears that none of the send.ifixit.com have any SSL certificates at all, making HTTPS impossible in the first place.

I'm not sure if this is the case in the actual ifixit.com emails due to the email I received being about meta.ifixit.com, but I can imagine they use the send.ifixit.com analytics system

As more and more browsers mark HTTP only sites as completely insecure, this might be worth bringing to attention. Often with this, comes a big scary warning.

As it appears to be an Nginx server, (Assuming you host and control it completely yourself) this shouldn't be a long-term project, and I imagine it would only take a few hours max to implement it (I don't know your backend setup though)

Block Image
Block Image
Answered! View the answer I have this problem too

Is this a good question?

Yes No
Score 4
1 Comment

This is a good point! I'd also like to point out that certain browsers actually COMPLETELY BLOCK HTTP-only sites, so this could also be an issue.

by

Add a comment

1 Answer

Filter by:
Most Helpful Newest Oldest
Chosen Solution

Options

Hi @someaspy and @shingle,

We use a third party email service that doesn't support SSL or allow us to use a secure certificate. We are aware of the problem and have some work underway that should secure those links. Stay tuned, it shouldn't be too long!

Was this answer helpful?

Yes No
Score 5
Add a comment

Add your answer

Aiden will be eternally grateful.