|
@@ -120,11 +120,11 @@ for a small section of the site.
|
|
|
SSL/HTTPS
|
|
SSL/HTTPS
|
|
|
=========
|
|
=========
|
|
|
|
|
|
|
|
-It is always better for security, though not always practical in all cases, to
|
|
+It is always better for security to deploy your site behind HTTPS. Without
|
|
|
-deploy your site behind HTTPS. Without this, it is possible for malicious
|
|
+this, it is possible for malicious network users to sniff authentication
|
|
|
-network users to sniff authentication credentials or any other information
|
|
+credentials or any other information transferred between client and server, and
|
|
|
-transferred between client and server, and in some cases -- **active** network
|
|
+in some cases -- **active** network attackers -- to alter data that is sent in
|
|
|
-attackers -- to alter data that is sent in either direction.
|
|
+either direction.
|
|
|
|
|
|
|
|
If you want the protection that HTTPS provides, and have enabled it on your
|
|
If you want the protection that HTTPS provides, and have enabled it on your
|
|
|
server, there are some additional steps you may need:
|
|
server, there are some additional steps you may need:
|
Alex Gaynor