Our site www.viart.com site is operated by latest Viart Shop 5 with default Clear design
Topic Information
daviswe
daviswe
Trustwave scans my site monthly, and we do our best to resolve any problems with security.
 
I have two chronic issues you may be able to shed some light on:
 
Trustwave asserts "Web Application Transmits Login Credentials Without Encryption", and the pages in question are:
 
http://www.edsets.com:2077/ and the Authentication Type they say is 'basic'.
 
Same for "http://edsets.com:2077/"
 
My "Sign In" menu defaults to https://www.edsets.com/user_login.php which is correct and after signing in, the user lands back at www.edsets.com/user_home.
 
My admin site begins at "https://www.edsets.com/....../admin_login.php
 
So I am at a loss how Trustwave finds EdSets.com at fault, but I think it may be that they are also scanning my entire host account where I have two parked domains that do not take or make payments of any kind, and are ascribing those 'open credentials' to my commerce site Edsets.com!
 
Have you heard of anyone having this problem?
 
Ed