AWSHelpdesk
asked on
Unencrypted Sensitive Form Detected
I am getting a McAfee error saying "Unencrypted Sensitive Form Detected" for the login page of our website yet the page is https as is the action on the login form so I don't know how this could be possible?
Is there something else I should be looking at?
Is there something else I should be looking at?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
The remote host appears to allow sensitive form submission over unencrypted (HTTP) connections. This means that a user's personal information would be sent over the internet in clear text. An attacker may be able to uncover sensitive information such as login names and passwords by sniffing network traffic. Looks like you will need to make the site SSL on the webserver