I see this has been suggested before, but it seems so common sense and simple to implement.

This page:
http://members.vbulletin.com/membersupport_contactform.php
should be https.

Why?
You ask people for admin access and logins to people's servers.

Yes it is encrypted in your servers, but the passwords are sent in that page in plain text! It should be obvious that this method is not secure at all.

At this time, support tickets can be viewed encrypted, the only thing that isn't encrypted is the initial form to submit tickets. If you have a specific case then you can open a ticket and then simply add another reply on the encrypted page.

We're looking into allowing the whole members area to be encrypted, which would include the page you linked.

In the meantime, a simple solution might be:

Remove the "Sensitive data:" textbox from that page there, and replace it with an explanation like this:

"This form is not encrypted, but all subsequent forms in our ticket system are. To submit sensitive data such as server logins and admin passwords, please post it after the ticket has been created."

Thanks!

In the meantime, a simple solution might be:

Remove the "Sensitive data:" textbox from that page there, and replace it with an explanation like this:

"This form is not encrypted, but all subsequent forms in our ticket system are. To submit sensitive data such as server logins and admin passwords, please post it after the ticket has been created."

Thanks!

That sounds like a good idea to me - add my support for this idea!