Site not secure, per Chrome

Main forum for site announcements, suggestions, and help.

Moderators: Savor Dam, Vain

User avatar
Linna Heartbooger
Are you not a sine qua non for a redemption?
Posts: 3894
Joined: Mon Oct 01, 2007 11:17 pm
Been thanked: 1 time

Post by Linna Heartbooger »

Avatar wrote:Yes, pretty much. The free version is a relatively new thing, paid ones are valid for a year before renewal is required, just like your domain.
--A
If you already know the price range for what would be needed for a site like ours Av., what is it?
(feel free to mention multiple packages; in case there is like a better rate if you pay for 5 years in advance.)

(Sorry I was like "HEY! Peoples! Here's something we should do something about."
...and then I didn't say anything for a bit.)
"People without hope not only don't write novels, but what is more to the point, they don't read them.
They don't take long looks at anything, because they lack the courage.
The way to despair is to refuse to have any kind of experience, and the novel, of course, is a way to have experience."
-Flannery O'Connor

"In spite of much that militates against quietness there are people who still read books. They are the people who keep me going."
-Elisabeth Elliot, Preface, "A Chance to Die: The Life and Legacy of Amy Carmichael"
User avatar
Avatar
Immanentizing The Eschaton
Posts: 61651
Joined: Mon Aug 02, 2004 9:17 am
Location: Johannesburg, South Africa
Has thanked: 13 times
Been thanked: 19 times

Post by Avatar »

Nah, has to be done yearly, for security, y'know.

Paid ones start at about US$30 per year.

--A
User avatar
wayfriend
.
Posts: 20957
Joined: Wed Apr 21, 2004 12:34 am
Has thanked: 2 times
Been thanked: 4 times

Post by wayfriend »

Oddly, while my benevolent corporate overlords still block kevinswatch from work, for some reason it is not blocked when I am working from home and connected to work with a VPN.

So, you know .... bright spot, yada yada.
.
User avatar
Cord Hurn
Servant of the Band
Posts: 7630
Joined: Mon Oct 28, 2013 7:08 pm
Location: Tucson, Arizona, USA
Has thanked: 6 times
Been thanked: 4 times

Post by Cord Hurn »

wayfriend wrote:Oddly, while my benevolent corporate overlords still block kevinswatch from work, for some reason it is not blocked when I am working from home and connected to work with a VPN.

So, you know .... bright spot, yada yada.
It's no accident that you're the largest recipient of Thanks by other Watchers, wayfriend, because you have produced a lot of terrific posts! I am sorry that it's recently become more troublesome for you to do that, but it's a bright spot if you can post more during the pandemic. (Another bright spot: Has everybody noticed that the air is getting a lot cleaner lately?)
User avatar
Avatar
Immanentizing The Eschaton
Posts: 61651
Joined: Mon Aug 02, 2004 9:17 am
Location: Johannesburg, South Africa
Has thanked: 13 times
Been thanked: 19 times

Post by Avatar »

Well, the pollution monitors certainly have. Interestingly, it's creating an increase in temperature, because it has changed our albedo. :D

--A
User avatar
Cord Hurn
Servant of the Band
Posts: 7630
Joined: Mon Oct 28, 2013 7:08 pm
Location: Tucson, Arizona, USA
Has thanked: 6 times
Been thanked: 4 times

Post by Cord Hurn »

Avatar wrote:Well, the pollution monitors certainly have. Interestingly, it's creating an increase in temperature, because it has changed our albedo. :D

--A
You are saying it's increased the ability of the land's surface to throw heat back up at you, have I understood you right?
User avatar
Avatar
Immanentizing The Eschaton
Posts: 61651
Joined: Mon Aug 02, 2004 9:17 am
Location: Johannesburg, South Africa
Has thanked: 13 times
Been thanked: 19 times

Post by Avatar »

No, it has decreased the amount of heat we are reflecting back into space, so we're absorbing more, so temps are rising. :D

--A
User avatar
Cord Hurn
Servant of the Band
Posts: 7630
Joined: Mon Oct 28, 2013 7:08 pm
Location: Tucson, Arizona, USA
Has thanked: 6 times
Been thanked: 4 times

Post by Cord Hurn »

(Don't get me wrong, I find this pandemic frustrating and unnerving. But I want to be able to see some bright side while maintaining social distance and dealing with all these restrictions.)
User avatar
Avatar
Immanentizing The Eschaton
Posts: 61651
Joined: Mon Aug 02, 2004 9:17 am
Location: Johannesburg, South Africa
Has thanked: 13 times
Been thanked: 19 times

Post by Avatar »

Haha, well, less air pollution is an upside. :D But maybe we weren't prepared for the practical effect thereof. :D

--A
User avatar
Cord Hurn
Servant of the Band
Posts: 7630
Joined: Mon Oct 28, 2013 7:08 pm
Location: Tucson, Arizona, USA
Has thanked: 6 times
Been thanked: 4 times

Post by Cord Hurn »

Avatar wrote:Haha, well, less air pollution is an upside. :D But maybe we weren't prepared for the practical effect thereof. :D

--A
In truth, I wouldn't have been prepared for that side effect, either! :?
User avatar
Vain
Nom
Posts: 5055
Joined: Sat Mar 02, 2002 3:19 pm
Contact:

Post by Vain »

Urgh! I got guilt-tripped by Avatar into lifting my lazy butt and getting things sorted so voila....the site is now secure! :)

The disk space was also used up - thanks to the 3Gb error log file! So it should theoretically work better now....

Oh and Hi Guys!! :)
Lazy Luke
The Gap Into Spam
Posts: 1369
Joined: Sun May 06, 2018 9:19 am
Location: Plasticdisguiseville

Post by Lazy Luke »

Thanks Dude. I was just thinking of how this site is pretty fuktup.
Here's hoping that crazy clock runs on time!

:?
User avatar
wayfriend
.
Posts: 20957
Joined: Wed Apr 21, 2004 12:34 am
Has thanked: 2 times
Been thanked: 4 times

Post by wayfriend »

Hi Vain.

I see you've installed a valid certificate. But it's only valid for 3 months! Valid from 5/26/2020 to 8/25/2020.

Some pages are showing as secure, others have a warning: Attackers might be able to see the images you're looking at on this site and trick you by modifying them.
Even though you have SSL installed on for your domain, you can see this error and this simply means your website contains “http” links on its pages. You can even see this error on some pages instead of every page. It can be an image that’s linked to an external url starts with “http” instead of “https”. We don’t want “http” links in our site so to eliminate this SSL error, we need to “fix” these “http” links.
Looking at the page source, culprits include the Home button, Avatar's signature, Cord Hurn's signature, etc.

Not that I don't appreciate you working on this! :D
.
User avatar
Avatar
Immanentizing The Eschaton
Posts: 61651
Joined: Mon Aug 02, 2004 9:17 am
Location: Johannesburg, South Africa
Has thanked: 13 times
Been thanked: 19 times

Post by Avatar »

VAIN!!! It worked!!! Hallelujah! :D

Yeah, Let's Encrypt requires renewal every 3 months. The thing with the images is because the image paths (where they are posted etc.) are still http, which it's now trying to load into https, so you get "cross-domain" issues. (Since theoretically http and https versions are 2 different sites, one of which is insecure.)

Shouldn't be enough to do more than show a little orange icon in the address bar instead of a green one. Google (chrome) etc. will still accept the site as being https.

It just has to be renewed regularly. (Vain... :D )

--A
User avatar
Avatar
Immanentizing The Eschaton
Posts: 61651
Joined: Mon Aug 02, 2004 9:17 am
Location: Johannesburg, South Africa
Has thanked: 13 times
Been thanked: 19 times

Post by Avatar »

(Hmmm, photo's might be blocked as well? (Old pohoto's anyway?) Also still can't see the profiles, will chat to Vain about it.

--A
User avatar
Avatar
Immanentizing The Eschaton
Posts: 61651
Joined: Mon Aug 02, 2004 9:17 am
Location: Johannesburg, South Africa
Has thanked: 13 times
Been thanked: 19 times

Post by Avatar »

Tested...it's not the https thing for the album. New pic has https path, thumbnail still not showing.

--A
User avatar
Vain
Nom
Posts: 5055
Joined: Sat Mar 02, 2002 3:19 pm
Contact:

Post by Vain »

Well that was fun!

A few things:

- certificate auto renews every year so all good there
- I think I fixed all the type urls in sigs and in the menu
- the profile now works but it is a basic one. Something in the previous modded version was breaking it

I haven't modified urls in posts that have links

The album must have a glitch. The files are not saved as so something else is glitching on that front.
User avatar
wayfriend
.
Posts: 20957
Joined: Wed Apr 21, 2004 12:34 am
Has thanked: 2 times
Been thanked: 4 times

Post by wayfriend »

There are links in posts and links in signatures and (probably) links for avatars (that were not uploaded) and I don't know if one can make them all go away.

If there was an automatic way for PHPBB2 to change all http: to https:, one is left with the question, would that link still work?

There is an Apache thing called a .htaccess file which can be configured to maybe make this go away. Presuming that this website is ultimately built on Apache.
Resolving the warning by adding code to your .htaccess file
Instead of manually updating links in your code, you could add the following lines to your site's .htaccess file.
Header always set Content-Security-Policy "upgrade-insecure-requests;"
These lines force the browser to automatically update any insecure links to secure links. Once added, the warning should immediately disappear.
There may be an equivalent feature if it's not Apache.
.
User avatar
Vain
Nom
Posts: 5055
Joined: Sat Mar 02, 2002 3:19 pm
Contact:

Post by Vain »

I had a crack at making them go away - likely means a number of images etc are no longer there but at least the pages should be secure. The htaccess file is managed via the cpanel settings so that line gets rejected.

Probably as good as it's goig to get for now - there isn't a way to block images etc in the future though from being linked to
User avatar
Avatar
Immanentizing The Eschaton
Posts: 61651
Joined: Mon Aug 02, 2004 9:17 am
Location: Johannesburg, South Africa
Has thanked: 13 times
Been thanked: 19 times

Post by Avatar »

Think it might be this:

Header add Content-Security-Policy "upgrade-insecure-requests;"

Regardless though, thanks for missioning it Vain. :D

--A
Post Reply

Return to “Announcements + Suggestions + Q&A + Help”