Invalid rule for FotoForensics
I just noticed the https-everywhere rule for FotoForensics:
The public FotoForensics site (fotoforensics.com) is strictly HTTP and not HTTPS. The public has no logins and we offer no privacy.
HTTPS is strictly for people who have logins. (Administrators, research partners, etc.) Directing regular users to the HTTPS interface will prohibit them from using the site since they won't get past the login page.
If you have questions, please visit the FotoForensics.com or HackerFactor.com contact pages.