Jump to content

I Think I Should Be Worried About My Web Host.


shinami576
 Share

Recommended Posts

I posted this here because the source is verified as html. What better place to ask this question than in the html section of the forums?This is the login page source for the web host I use. My user name and password were quite prominently displayed in the source. I don't understand much about website and login info security YET but if I could view this so easily...then, I can't help but worry about the security of my site. If someone gets my login info for the admin panel then I'm up the creek. Should I be worried about the security of my web host?NOTE:I did "edit" out my user name and password. Only an idiot would have left that sort of info there.

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"><head>	<title>Please Wait...</title>	<meta http-equiv="Content-Type" content="text/html;charset=utf-8" />	<meta name="robots" content="no-follow"/></head><body onload="submitForm();">	<h1>Please Wait While we process your login</h1>	<p>You should be automatically redirected to your control panel within a few moments.</p>	<form method="post" action="https://cl74.justhost.com:2083/login/" id="loginform">		<input type="hidden" name="user" value="USER" />		<input type="hidden" name="login" value="USER" />		<input type="hidden" name="pass" value="PASS" />		<input type="submit" value="Click Here to Login if you are not automatically redirected in 10 seconds."/>	</form>	<script type="text/javascript">	function submitForm()	{		document.getElementById('loginform').submit();	}	</script></body></html>

Edited by Shinami
Link to comment
Share on other sites

Then it doesn't really matter, because you had to enter that information before it displayed it; for anyone else it would display their details. If that was sent over an unencrypted (i.e. not HTTPS) connection, then people could still intercept that information, but that holds true for any data sent, client to server, e.g. as form data, or server to client, in the response-body.

Link to comment
Share on other sites

So, there isn't a need to worry about what my web host has done with the page I put in a code box?
No, not really. Just check that your login form is where you think it is.
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

×
×
  • Create New...