security - Should a web page with a login form be secured? -


There is a question in the title, but I will expand.

Say I have a non-secure page, but I do not want the data that the user is posting on my web server so that it can block anyone. Do I need a secure URL for the form Service or simply Post form?

By serving the unprotected form, you post your form to a man-in-the-middle Allow change of destination, giving attacker crop login information. But the attacks of MITM are not common, so you are probably serving an unsafe farm.


Comments

Popular posts from this blog

c# - sqlDecimal to decimal clr stored procedure Unable to cast object of type 'System.Data.SqlTypes.SqlDecimal' to type 'System.IConvertible' -

Calling GetGUIThreadInfo from Outlook VBA -

Obfuscating Python code? -