Hacker News new | ask | show | jobs
by BearGoesChirp 3176 days ago
I know of companies with typos in their links that they email. These typos lead to scam sites. I've contacted them and they haven't yet fixed it. There needs to be a serious re-evaluation of the costs associated with failing such basic security measures like using https and just making sure you send people the correct link. Right now it isn't even a slap on the wrist.
2 comments
tony101 3176 days ago
If the site supports HTTPS, they should just preload HSTS to avoid future problems with HTTP.
link
rmc 3176 days ago
Sure, but you can configure a webserver to always redirect to the https version of a site.
link