summaryrefslogtreecommitdiff
path: root/docs
diff options
context:
space:
mode:
authorAlex Gaynor <alex.gaynor@gmail.com>2015-12-19 23:55:15 -0500
committerTim Graham <timograham@gmail.com>2015-12-21 06:52:49 -0500
commit40fd217437bda1c3ab2bafe8f14070f90a137df6 (patch)
tree373a74f736b79bf34e90ad26b97d2f84b13fcfaf /docs
parenta80fb8ae24e77abf20047b9dfe867b4b53a8d648 (diff)
[1.9.x] Removed a misleading comment about HTTPS.
For all practical purposes, there are no common cases for which a website cannot be deployed with HTTPS. Backport of d7580e286ac9c48e410d59281720205d6f5dda10 from master
Diffstat (limited to 'docs')
-rw-r--r--docs/topics/security.txt10
1 files changed, 5 insertions, 5 deletions
diff --git a/docs/topics/security.txt b/docs/topics/security.txt
index 1f2f0f199e..221036e328 100644
--- a/docs/topics/security.txt
+++ b/docs/topics/security.txt
@@ -120,11 +120,11 @@ for a small section of the site.
SSL/HTTPS
=========
-It is always better for security, though not always practical in all cases, to
-deploy your site behind HTTPS. Without this, it is possible for malicious
-network users to sniff authentication credentials or any other information
-transferred between client and server, and in some cases -- **active** network
-attackers -- to alter data that is sent in either direction.
+It is always better for security to deploy your site behind HTTPS. Without
+this, it is possible for malicious network users to sniff authentication
+credentials or any other information transferred between client and server, and
+in some cases -- **active** network attackers -- to alter data that is sent in
+either direction.
If you want the protection that HTTPS provides, and have enabled it on your
server, there are some additional steps you may need: