Anti-phishing suggestion

  • 1
  • Question
  • Updated 10 years ago
  • Answered
Hi Yola,

Many people (including myself) are not happy with the fact that Yola does not allow uploading of html files to the file manager. The html widget-copy-and-paste method is not very pleasant to people with many html pages. Yola's point regarding this is that uploading html would allow phishing--a point that is hard to deny.

Now, here is one suggestion to get out of this dilemma. A potential phisher needs to mimic some existing website (eg. a bank's website). It is easy to do if one is allowed full control over the html file being used. But Yola can restrict this by forcing a harmless banner somewhere near the top. Not some advertisement, just something that one would typically not find in standard webpages. To avoid jarring a webbuilder's aesthetic sense, this banner may be chosen by the builder himself/herself from a fixed set of banners. The banners may be something like icons of flags of different countries. The point is that EVERY USER
should be forced to display a small but conspicuous banner like this somewhere near the top of the page.

Then Yola can allow one to upload html files. Every time there is a request for this file the Yola server would append this banner before serving the page. And if some user really objects to have a banner, then he/she should not be allowed to upload html files.

May be the solution is not this simple, but just wondering if something may be done along this line.

Photo of Arnab Chakraborty

Arnab Chakraborty

  • 3 Posts
  • 0 Reply Likes
  • sad that html files cannot be uploaded!

Posted 10 years ago

  • 1
Photo of Marije

Marije, Official Rep

  • 4636 Posts
  • 237 Reply Likes
Hi Arnab,

Thank you for your suggestion - I'll pass it on to our development team. We are looking at ways to accommodate HTML files and hope to be able to have further information soon.