FlyOrDie.com Not Using HTTPS

Hi everyone,

Just a heads-up: when I log into flyordie.com, my browser gives a security warning saying the connection is not secure. It specifically says the site doesn’t support HTTPS, meaning any information sent (like usernames or passwords) could potentially be seen or intercepted by others.

I've attached screenshots showing the warning messages from Chrome.

This is a serious issue because without HTTPS, there’s no encryption between the user and the server. I’d recommend avoiding logging in or sharing any sensitive info on the site until they fix this.

Hopefully the site admins can upgrade to HTTPS soon—it’s 2025, and secure connections should be standard by now.

See images

https://ibb.co/DHH2KWJf

https://ibb.co/0Ryx9VtC



Im using Chrome 138 on Windows 11

I do not have a disconnection issue.

Edited by masterkiller

❤️

SkaldGuard

Thank you for raising the HTTPS concern and your suggestions for securing FlyOrDie.com. We take security seriously, but we must clarify that implementing HTTPS isn’t as simple as you suggest, and a one-sided view risks alarming players unnecessarily.

Our entire site, including login and game pages (

https://www.flyordie.com)

, uses HTTPS, ensuring secure data transmission. The “not secure” warning you see is due to pages being displayed within an iframe. Browsers may flag iframes as insecure if their source appears as HTTP, triggering false alerts despite encryption. There’s no security issue—your login credentials are protected. No sensitive data, like credit cards or personal info, is transmitted. Sharing such data in chat is unsafe, even on HTTPS, and should be avoided.

As shared in updates over the past month, we’re transitioning to a new architecture for the entire site. This is complex, as HTTPS can cause disconnects on weak networks or older devices, especially for WebSocket-based games. Rushing implementation could disrupt gameplay for many users. 

We’re committed to a secure FlyOrDie.com but ask for understanding of the technical challenges. Thanks for your input—stay tuned for updates

❤️

masterkiller

Thank you for the detailed response. Appreciate it.

masterkiller

Hi again,

Just following up on the security issue I reported with FlyOrDie's login page not being secure (no HTTPS).

The good news is — this is easy to fix, and there are free tools available. Here are a few ways the FlyOrDie team can solve this:

✅ 1. Use Let’s Encrypt (Free HTTPS Certificates)
Website:

https://letsencrypt.org



Let’s Encrypt gives completely free SSL certificates so the site can use https:// instead of http://

It’s supported by every major browser

Most servers can install and renew these automatically using a tool called Certbot:

https://certbot.eff.org/



✅ 2. Secure the Entire Site (Not Just the Homepage)
Right now, the main site (

https://www.flyordie.com)

 is secure. But the game pages and login forms are not.

The entire site should be served over HTTPS, including login screens and games.

✅ 3. Redirect All HTTP Pages to HTTPS
If someone visits

http://flyordie.com

 or a game page using http://, the server should automatically redirect them to the secure https:// version.

This is easy to do in server settings using .htaccess (on Apache) or config files (on Nginx).

✅ 4. Use a Proxy or Cloudflare to Help
If older systems make this hard, FlyOrDie can use a reverse proxy (like Nginx) to add HTTPS in front of the existing system.

Or they can use Cloudflare (

https://www.cloudflare.com)

, which offers free SSL and protects the whole site.

Bottom line:
There’s no reason not to secure the login page in 2025. HTTPS protects users from having their usernames and passwords stolen — especially when using public Wi-Fi.

I hope the team takes this seriously. It’s not expensive. It’s not complicated. And it's 100% doable with modern tools.

Thanks.