New setting force_ssl that will ensure that Piwik is only used over https SSL #2918
Labels
Enhancement
For new feature suggestions that enhance Matomo's capabilities or add a new report, new API etc.
Major
Indicates the severity or impact or benefit of an issue is much higher than normal but not critical.
Milestone
Currently, there is a setting force_ssl_login that forces the login details to be submitted over https.
However, since the token_auth is confidential, and sometimes passed in URLs (API requests, ajax requests done in the admin screens, etc.) it is desired to have a setting that would ensure that Piwik can ONLY be used over SSL.
The text was updated successfully, but these errors were encountered: