#1  
Old 08-31-2013, 02:31 PM
viscousmemories's Avatar
viscousmemories viscousmemories is offline
Admin
 
Join Date: Apr 2004
Location: Ypsilanti, Mi
Gender: Male
Posts: XXXDCCXLVI
Blog Entries: 1
Images: 9
Default SSL Encryption

We now have SSL encryption enabled on the :ff: but I haven't configured it to redirect automatically (yet?) -- just add https:\ to your bookmarks if you want to connect using SSL. The "Https Everywhere" plugin doesn't seem to work here but I haven't figured out why yet.
Reply With Quote
Thanks, from:
Adam (09-01-2013), fragment (08-31-2013), JoeP (09-01-2013), LadyShea (08-31-2013), Leesifer (08-31-2013), lisarea (08-31-2013), livius drusus (08-31-2013), SR71 (08-31-2013), Stormlight (09-02-2013)
  #2  
Old 08-31-2013, 02:56 PM
Ari's Avatar
Ari Ari is offline
I read some of your foolish scree, then just skimmed the rest.
 
Join Date: Jan 2005
Location: Bay Area
Gender: Male
Posts: XMDCCCLV
Blog Entries: 8
Default Re: SSL Encryption

¡pǝʇɐʌıʇɔ∀ uoıʇdʎɹɔuƎ
I am now viewing this page through layers upon layers of security and yet it's just as bright and sharp as every. Good job!
Reply With Quote
Thanks, from:
Adam (09-01-2013), curses (09-03-2013), lisarea (08-31-2013), SR71 (08-31-2013), Stormlight (09-02-2013), viscousmemories (09-01-2013)
  #3  
Old 08-31-2013, 03:09 PM
slimshady2357's Avatar
slimshady2357 slimshady2357 is offline
forever in search of dill pickle doritos
 
Join Date: Jul 2004
Posts: VMLXXIV
Blog Entries: 6
Images: 52
Default Re: SSL Encryption

The portal doesn't look quite right and the quick links menu doesn't work - EDIT: on the portal I meant.

Also, the link to the forums on the portal sends you to the NSA version of the site.

No complaints, just letting you know!
Reply With Quote
Thanks, from:
curses (09-03-2013)
  #4  
Old 08-31-2013, 03:11 PM
slimshady2357's Avatar
slimshady2357 slimshady2357 is offline
forever in search of dill pickle doritos
 
Join Date: Jul 2004
Posts: VMLXXIV
Blog Entries: 6
Images: 52
Default Re: SSL Encryption

Actually the quick links menu also takes you to the regular site.

But maybe that is what it should do? I don't know, just noticed that the https disappears when you use 'New Posts' or 'New Posts (Old Style)'.
Reply With Quote
  #5  
Old 09-01-2013, 11:09 PM
JoeP's Avatar
JoeP JoeP is offline
Solipsist
 
Join Date: Jul 2004
Location: Kolmannessa kerroksessa
Gender: Male
Posts: XXXVMMXI
Images: 18
Default Re: SSL Encryption

Q29vbCEK
VGhhbmtzIHZtLgo=
__________________

:roadrun:
Free thought! Please take one!

:unitedkingdom:   :southafrica:   :unitedkingdom::finland:   :finland:
Reply With Quote
Thanks, from:
Stormlight (09-02-2013)
  #6  
Old 03-10-2017, 06:20 AM
The Man's Avatar
The Man The Man is offline
Safety glasses off, motherfuckers
 
Join Date: Apr 2009
Location: Sarasota, FL
Gender: Bender
Posts: MVCMLVI
Default Re: SSL Encryption

Is the encryption no longer working? When I connect using https, Chrome tells me the connection is not secure.

(I was pretty sure I remembered SSL encryption having been activated in the past, and this thread shows me that I was correct.)
__________________
Cēterum cēnseō factiōnem Rēpūblicānam dēlendam esse īgnī ferrōque.

“All for ourselves, and nothing for other people, seems, in every age of the world, to have been the vile maxim of the masters of mankind.” -Adam Smith

last.fm · my music · Marathon Expanded Universe
Reply With Quote
Thanks, from:
Stormlight (03-13-2017)
  #7  
Old 03-10-2017, 09:22 AM
JoeP's Avatar
JoeP JoeP is offline
Solipsist
 
Join Date: Jul 2004
Location: Kolmannessa kerroksessa
Gender: Male
Posts: XXXVMMXI
Images: 18
Default Re: SSL Encryption

Firefox says:

Quote:
The owner of Freethought Forum has configured their web site improperly. To protect your information from being stolen, Firefox has not connected to this web site.

Freethought Forum uses an invalid security certificate.

The certificate is not trusted because it was signed using a signature algorithm that was disabled because that algorithm is not secure.

Error code: SEC_ERROR_CERT_SIGNATURE_ALGORITHM_DISABLED
So it's still encrypted, it's just that the certificate uses an algorithm has been theoretically cracked - probably MD5.

I think - but haven't found anything supporting it - that this means your traffic could in theory be intercepted by someone who has cracked the FF certificate, and is performing a "man in the middle" attacking - decrypting, reading and re-encrypting the traffic to and from you.
__________________

:roadrun:
Free thought! Please take one!

:unitedkingdom:   :southafrica:   :unitedkingdom::finland:   :finland:
Reply With Quote
Thanks, from:
Ari (03-10-2017), Stormlight (03-13-2017), The Man (03-10-2017)
  #8  
Old 03-10-2017, 02:25 PM
Zehava's Avatar
Zehava Zehava is offline
Captain #EmbraceTheImpossible
 
Join Date: May 2005
Location: Sandy, Oregon
Gender: Male
Posts: MMDCCCXXXVIII
Blog Entries: 1
Images: 151
Default Re: SSL Encryption

Chrome and FF both deprecated support for SHA1 certificates around the end of January.

Google Security Blog

Mozilla Security Blog

IE still works, but it's IE so there's that.
__________________
The best way to make America great is to lower the standards!
Reply With Quote
Thanks, from:
Ari (03-10-2017), JoeP (03-10-2017), Stormlight (03-13-2017), The Man (03-10-2017)
  #9  
Old 03-18-2017, 05:49 PM
Corona688's Avatar
Corona688 Corona688 is offline
Forum Killer
 
Join Date: Aug 2004
Posts: MVCII
Default Re: SSL Encryption

Firefox has gone overboard with this IMO, breaking nontrivial numbers of pages and driving people to other browsers...
__________________
Reply With Quote
Thanks, from:
The Man (03-18-2017), Zehava (03-19-2017)
  #10  
Old 05-16-2017, 02:09 AM
lpetrich's Avatar
lpetrich lpetrich is offline
Member
 
Join Date: Jul 2004
Location: Lebanon, OR, USA
Gender: Male
Posts: DXXIII
Default Re: SSL Encryption

I tried https with Firefox, and it protested that FF's site is an improperly-configured one. So I reverted to http.

Curiously, when I installed SSL on Secular Cafe, https worked fine.
Reply With Quote
Thanks, from:
The Man (05-16-2017)
  #11  
Old 06-27-2017, 08:03 PM
Zikes's Avatar
Zikes Zikes is offline
Emoticonist
 
Join Date: Dec 2004
Posts: CCXIV
Default Re: SSL Encryption

I recommend Caddy - The HTTP/2 Web Server with Automatic HTTPS, It'll automatically nab free certs from LetsEncrypt.
Reply With Quote
Thanks, from:
The Man (06-27-2017)
Reply

  Freethought Forum > Public Works > Forum Administration


Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

 

All times are GMT +1. The time now is 05:52 AM.


Powered by vBulletin® Version 3.8.2
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
Page generated in 0.32670 seconds with 15 queries