Blog for rpmfusion.org
Chris Nolan
chris at cenolan.com
Wed Nov 12 14:46:53 CET 2008
Till Maas wrote:
> Everyone who logins in here for testing will send the used FAS username and
> password unencrypted through the internet.
>
> Regards,
> Till
>
My bad. Fixed to route all wp-login.php and wp-admin traffic over SSL.
I'm also going to speak with the FAS developers about whether they could
introduce an API key for each user that we would use to authenticate in
third-party systems such as this. That way even if an API key is
compromised it can't be used to compromise FAS itself.
Thanks
Chris
More information about the rpmfusion-developers
mailing list