Solved

Understanding Warning: Contains Unauthenticated Content

Posted on 2011-03-01
14
799 Views
Last Modified: 2013-12-07
I am having the same problems in trying to understand what this means and how to rid myself of it.  I am using Firefox also.

From what I gather, does the Accepted Solution mean that the cause of this warning is merely junk on the webpage I am looking at that causes the warning?

Is the webpage really and truly secure except for the commercial junk?  I ask because the webpage I want is an Order Form where I will have to send my sensitive information over in order to order a product I want.  I must know if the webpage is secure or not.

Thank you.
0
Comment
Question by:Maverick2010
14 Comments
 
LVL 3

Expert Comment

by:mnation1
ID: 35011665
That's usually what it means (ads or other linked in content from unencrypted sources).  I'm not sure if there's a way to test whether the form you are filling out belongs to the encrypted or unencrypted parts of the page.  I'd recommend contacting the website with this question, if it appears to be at all untrustworthy.

-mitch
0
 

Author Comment

by:Maverick2010
ID: 35011998
I did contact them via email and await a reply.  

I find IE and Firefox both show this site to have secure and insecure material and my reading suggests insecure material is a way for someone to get access to secure material.  Is this so?  I am afraid to give my info to them until I can get a secure order form page.

There is a Forum page that suggests a fix to this problem by downloading and installing "Admin SSL Secure" plugin (http://wordpress.org/extend/plugins/admin-ssl-secure-admin/).  I don't know what that is or how to install it.  Is it truly a fix?

Thanks and I await any replies.
0
 

Author Comment

by:Maverick2010
ID: 35070169
Their reply did not address the problem but  rather instead told me how to place an order.  Sounds like they were dodging the issue or else did not know about such things as secure websites.

I still await any replies about the downloading and installing "Admin SSL Secure" plugin (http://wordpress.org/extend/plugins/admin-ssl-secure-admin/).  

Can anyone say anything about that?  Thanks.
0
 
LVL 51

Expert Comment

by:Netman66
ID: 35095763
Care to share the link so we can see what you are referring to?
0
 
LVL 108

Expert Comment

by:Ray Paseur
ID: 35095833
Please post the URL of the page that triggers the warning.

Among other things, the warning can be triggered by having an HTML tag in a secure page that contains a URL that does not refer to a secure page.  Examples include an <img> tag that explicitly references an image stored on HTTP instead of HTTPS, or a favicon that is not on a secure server.  Mostly this is a benign warning, but I think that you, in a Presbyterian "abundance of caution," should probably not use the page to enter personal information.  Instead you might want to place your order over the phone or find a different vendor.
0
 

Author Comment

by:Maverick2010
ID: 35098571
OK, thanks guys.  Sorry for the delay in getting back to you.

The link where I got that Admin SSL plugin is:  (http://wordpress.org/extend/plugins/admin-ssl-secure-admin/).  wher it says Download Version 1.4.1.

I haven't tried it but once but I didn't see where it went or that it installed or what it really did.  Is it  a viable fix?


I agree and was thinking the same thing in the back of my mind about those warnings being benign insofar as they represent unimportant  junk on the webpage.  It's just that somewhere I came across a paragraph that said that those insecure junk items can be used as a backdoor to getting into the secure information I enter in (my credit card number for instance) and robbing me of my number.

Could that be true?


I did end up finding a different vendor in this case that had a secure order form page.  But my entire question is about wanting to know if there is a way to "secure" such web order forms for my peace of mind.  Is there anything I can do from my end to secure an order form site before entering my information?  
Or perhaps I should ask:  Is there a way to determine which "insecure" items on a webpage might pose a threat or compromise of my sensitive information and can I neutralize that threat before submitting my credit card info?

Thanks once again.

0
Find Ransomware Secrets With All-Source Analysis

Ransomware has become a major concern for organizations; its prevalence has grown due to past successes achieved by threat actors. While each ransomware variant is different, we’ve seen some common tactics and trends used among the authors of the malware.

 
LVL 108

Accepted Solution

by:
Ray Paseur earned 250 total points
ID: 35099035
which "insecure" items -- that would be any item that did not originate from HTTPS.
a threat or compromise -- just because a we site uses HTTPS does not mean it is safe to give them your credit card.  It's best to know your vendors very well.  All that HTTPS does for you is reduce (to nearly zero) the likelihood that someone will be able to get your card numbers with a packet sniffer.  If, for example, you use your credit card at a public computer, the browser will remember the settings.  No amount of HTTPS can protect you from the next person who comes up to that computer.

As far as the unimportant junk on the page goes, I doubt if there is an easy way to use such a thing to get information that you don't put into the page.  In other words, better safe than sorry.  You can use "view source" to look and see where your form is being submitted to.  A little caution is always wise.

To the important question, "can I neutralize that threat" the answer is No, full stop.  Do business with those you trust and leave the others alone.

Best regards, ~Ray

0
 

Author Comment

by:Maverick2010
ID: 35099239
Thanks Ray.  Good advice.  I like to "shop around" simply because I don't have but a few trusted sites and they don't always have everything I need.  So I am building my clientele.

Mostly I sort of believe in the law of averages-if that's the way to put it......in that it's like winning the lottery.  What are your chances?  Practically zero.  I feel that as long as you go with reputable or HTTPS websites, you probably will have no trouble and you would have to really shop alot before finally becoming unlucky and hitting a bad order form page that steals your information.  In other words, it's unlikely anything bad will happen.

Am I totally wrong in that belief?

I was just hoping that I could take added measures to make that eventuality even more unlikely.

I right clicked on this page and saw the View Source you mentioned and selected it.......I'm afraid I don't even know how to start to read that!  How do I begin to read such information?  Where do you look on it to find the specific info about where my form would be submitted to?

Thanks.
0
 
LVL 108

Expert Comment

by:Ray Paseur
ID: 35099295
I think you would need to know HTMLm which is the language of web sites - a semester at a Junior college would teach you all you needed to know about that.

Also, I think you're on firm ground in comparing identity theft to Publisher's Clearing House.  Neither one is very likely.  The problem is that if your CC is stolen, it's a lot less fun than winning the lottery.  If you give your credit card to a waiter in a restaurant you have an equivalent risk, and how often does that go bad?  Almost never.

I have one credit card that I use for all online transactions.  It makes it very easy for me to check the statement carefully.
0
 

Author Comment

by:Maverick2010
ID: 35099514
OK.  I will lay that part of my question to rest.  I guess there's not too much to worry about with credit cards.  I do have a system in place where I have an account that I devote to online purchases exclusively and I usually only put in funds to it at the time of purchase.  My bank helped me with that idea and setting it up.

I still hope someone can help with the Admin SSL plugin part of my question.
0
 

Author Comment

by:Maverick2010
ID: 35148467
If no one knows about this Admin SSL plugin, I am going to close out this question as only half solved.

Thanks.
0
 

Author Closing Comment

by:Maverick2010
ID: 35156545
Thanks for the info given about part of my question.  The other part was never answered.  The answered part info was good advice.
0

Featured Post

IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

Join & Write a Comment

Imagine a situation that you have installed SSL (http://en.wikipedia.org/wiki/Secure_Sockets_Layer) Certificate on your Cisco ASA (Cisco Adaptive Security Appliance) firewall. Installation of SSL certificate on ASA is an another topic for which you …
SSL stands for “Secure Sockets Layer” and an SSL certificate is a critical component to keeping your website safe, secured, and compliant. Any ecommerce website must have an SSL certificate to ensure the safe handling of sensitive information like…
Viewers will get an overview of the benefits and risks of using Bitcoin to accept payments. What Bitcoin is: Legality: Risks: Benefits: Which businesses are best suited?: Other things you should know: How to get started:
This Micro Tutorial will demonstrate how to add subdomains to your content reports. This can be very importing in having a site with multiple subdomains.

747 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now