What kind of risks are there in my using DA with http instead of https? and

[jiri2]

Can anyone sniff my passwords, but only if they have malware installed on the actual server? Or can any visitor see the content of the page if I'm currently logged in into the script?

Also, on a dedi, how can I access the

/usr/local/directadmin/conf/cacert.pem

mentioned in the helpfile?

http://help.directadmin.com/item.php?id=15

 

[nobaloney]

If you use http with your DirectAdmin control panel anyone sniffing your packets can see your passwords, as they're passed over the Internet in plaintext. Whether or not someone is actually looking for your packets is indeed another matter; it's most likely to occur in your own office, on your own ISP's network, or at your datacenter.

It requires a small amount of expertise but it's very doable.

Can a visitor see a page just because you're logged in? No.

Jeff