On 23 August 2013 21:28, Marc A. Pelletier marc@uberbox.org wrote:
On 08/23/2013 03:23 PM, Martijn Hoekstra wrote:
Requiring https for advanced privileges seems odd. Would that require a second set of credentials over a https only page?
You're missing the point. People who have (for instance) checkuser or oversight should be simply disallowed from logging in through HTTP at all.
+1
There can't really be a geoIP exemption for this.
- d.