Discord Notification, which sends links to our "wiki-activity" channel on the discord, is leading users to the insecure (non-https) site addresses. They are not logged in on http:// addresses, even when logged in on https:// . However, under no circumstance should you ever use (or log into) our login-enabled services while under http://www.vetpetmon.com, as this WILL result in your account security being compromised.
This can be fixed by adding the "s", but not all users will be keen enough to spot this security vulnerability.
What I think is happening here:
Server host is not set to automatically move people from http to https, getting that functionality onto our server will cost extra money, more than the simple "just having it" costs us.
I did a fucky wucky with configuring the Discord Notification extension
The extension itself has a huge security flaw
If possibility 3 is true, I will IMMEDIATELY report this to the extension developers, or fork DN and apply the security fixes myself.
Well that explains it. Possibility 2 was our case. My bad, I'm genuinely sorry. All old webhook messages are going to be deleted for user safety. Try something to get new webhook messages to show up.
Discord Notification, which sends links to our "wiki-activity" channel on the discord, is leading users to the insecure (non-https) site addresses. They are not logged in on http:// addresses, even when logged in on https:// . However, under no circumstance should you ever use (or log into) our login-enabled services while under http://www.vetpetmon.com, as this WILL result in your account security being compromised.
This can be fixed by adding the "s", but not all users will be keen enough to spot this security vulnerability.
What I think is happening here:
If possibility 3 is true, I will IMMEDIATELY report this to the extension developers, or fork DN and apply the security fixes myself.