Fix the Secure (Https) Connection Flaw in Facebook After Visiting an Unsecure (Http) Page

February 19, 2012  |   Filed under: Turotial  |   Posted by:

.

Last post of our tutorial category  we covered how to setup secure browsing (HTTPS) in Facebook. There’s a flaw in this system though that you may not be aware of. Here we’ll show you the flaw and how to correct it.

1. So you set up secure Browsing (Https) in Facebook to help protect against bad guys running packet sniffing apps like Firesheep over a public Wi-Fi network. When you check the box Browse Facebook on a secure connection (https) whenever possible you think your always protected right? Not necessarily.

sshot 2011 02 12 16 08 07 thumb Fix the Secure (Https) Connection Flaw in Facebook After Visiting an Unsecure (Http) Page

2. Unfortunately there’s a flaw in the system. When you visit a page or app on Facebook that requires a regular (http) connection, it switches your entire account connection back to the unsecure (http). If you browse to an app or page that is unsecure, you’ll see the following message. At least Facebook gives you a warning…if you want to visit the page, click Continue.

sshot 2011 02 12 16 09 40 thumb Fix the Secure (Https) Connection Flaw in Facebook After Visiting an Unsecure (Http) Page

3. Like in this example where we want to connect to NetworkedBlogs.

sshot 2011 02 12 16 14 09 thumb Fix the Secure (Https) Connection Flaw in Facebook After Visiting an Unsecure (Http) Page

4. Here’s where the problem is. If you log out of your account, and sign back in, you’ll notice you’re no longer protected by a secure (https) connection! What? You though you checked a box saying use HTTPS Whenever possible. And the message advising you need to switch to a regular (http) connection doesn’t say you’ll lose your secure connection after visiting a non-secure site…very annoying.

sshot 2011 02 12 16 26 26 thumb Fix the Secure (Https) Connection Flaw in Facebook After Visiting an Unsecure (Http) Page

5. So what you’ll need to do is go back into your Account Settings.

sshot 2011 02 12 16 34 21 thumb Fix the Secure (Https) Connection Flaw in Facebook After Visiting an Unsecure (Http) Page

6. Under Account Security click on Change.

sshot 2011 02 12 16 34 51 thumb Fix the Secure (Https) Connection Flaw in Facebook After Visiting an Unsecure (Http) Page

7. Then check the box next to Browse Facebook on a secure connection (https) whenever possible again to re-enable the setting…make sure to click the Save button.

sshot 2011 02 12 16 37 42 thumb Fix the Secure (Https) Connection Flaw in Facebook After Visiting an Unsecure (Http) Page

8. Now you’re back to a secure (https) connection.

sshot 2011 02 12 16 41 09 thumb Fix the Secure (Https) Connection Flaw in Facebook After Visiting an Unsecure (Http) Page

So, keep in mind that if you visit a page that isn’t on secure (https) that you double check your settings and re-enable the secure connection settings again. Hopefully Facebook figures out a way to fix this annoying issue soon.

source: simplehelp

Be Sociable, Share!

You might also like :

Posted by on February 19, 2012. Filed under Turotial. You can follow any responses to this entry through the RSS 2.0. You can leave a response or trackback to this entry

Leave a Reply

Your email address will not be published. Required fields are marked *

*

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>