This is an Apache thing. But registration and login should both really, really, not be done without this kind of security.
I personally advocate for the site to prefer using HTTPS for all connections. However, I would be happy with the server allowing HTTPS always and forcing it for secure pages, and I could live with HTTPS being forced for secure pages and prohibited elsewhere.
This is an Apache thing. But registration and login should both really, really, not be done without this kind of security.
I personally advocate for the site to prefer using HTTPS for all connections. However, I would be happy with the server allowing HTTPS always and forcing it for secure pages, and I could live with HTTPS being forced for secure pages and prohibited elsewhere.