For security it would be nice if ssl is per default activated for all administrative actions. Meaning a Location-Header to the ssl uri is thrown if the default ssl config parameter is on an the request (for login-form etc.) is with standard http.
Log in to post a comment.
