Encrypt transfer data

[realJustmike]

I think it would be nice to encrypt the data transferred between monitor and clients based on a pre-shared key in the extension-settings like Xavier Perseguers does in his "Central account management":

https://docs.typo3.org/typo3cms/extensions/causal_accounts/AdministratorManual/InstallingExtension/Index.html

[georgringer]

Absolutely, wanna do a pull request?

[christophlehmann]

Would we close it in times of HTTPS und free letsencrypt certificates?

[christophlehmann]

I would rather force HTTPS usage per setting in EM, what so you think?

[calien666]

I don't think, closing this is the best idea. Because having an https connection allows an attacker knowing your secret to get the data fetched.
Securing it via a pre shared key or a key pair solution is more secure. I will think about it and do a pull request on this, if I find a solution

[liayn]

Additional encryption is more secure. But the attack vector you described, is easily mitigated by employing a proper IP filter in the extension's settings.