Aguila Posted January 1, 2014 Share Posted January 1, 2014 Please support HTTPS. The URL works https://forum.tuts4you.com/index.php but as soon as I click on a thread, the connection is HTTP again. Self-signed certificate is ok, but please support also ssl with perfect forward secrecy. 1 Link to comment Share on other sites More sharing options...
Teddy Rogers Posted January 2, 2014 Share Posted January 2, 2014 This was something I had considered doing some years ago but with SSL "broken" and certificate authorities not wholly "honest" I decided it wasn't worth the hassle or expense for what little gain. I contemplated using a self-signed certificate and had one running in the background for a little while but decided against having it running live as most people get confused and put off viewing sites when they see a big scary warning about a broken/unknown security certificate in their browser. Only recently the latest RHEL now comes with an updated version of OpenSSL which has support for TLS1.2 so if I get some time I may revisit adding a security certificate with PFS. However it's currently at the low end of priorities for now. I will keep you posted on any developments though... Ted. Link to comment Share on other sites More sharing options...
Teddy Rogers Posted February 4, 2014 Share Posted February 4, 2014 I have installed a new security certificate which is now active for secure connections during signing in and during creation of a new user account. The certificate supports TLS1.2. Please let me know if there are any problems... Ted. Link to comment Share on other sites More sharing options...
kao Posted February 4, 2014 Share Posted February 4, 2014 The URL works https://forum.tuts4you.com/index.php but as soon as I click on a thread, the connection is HTTP again.This issue still persists. Link to comment Share on other sites More sharing options...
Teddy Rogers Posted February 4, 2014 Share Posted February 4, 2014 Yes, that is normal for the way the board is currently configured, for it to default back to none secure pages after you click on a link. IPB by default only allows for SSL to be used during signing in and during registering of a new account but not full encryption throughout the board. There is a workaround method to enable full encryption across the board but I have yet to find out why - when enabled - not all page content is encrypted... Ted. Link to comment Share on other sites More sharing options...
kao Posted February 4, 2014 Share Posted February 4, 2014 Something changed, now clicking on links keeps "https" - thanks a lot! Signatures (like your own) & other images linked to 3rd party servers will cause "page includes resources which are not secure" warning in browsers - but there's not much you can do about that. Apart from that, it looks like it's working perfectly. Link to comment Share on other sites More sharing options...
Teddy Rogers Posted February 4, 2014 Share Posted February 4, 2014 I fixed the issues with securing the default board configuration from fully encrypting the page so I enabled it completely across the board. Unfortunately, and as you have mentioned, there is nothing I can do about links to external images in signatures and such like... Ted. Link to comment Share on other sites More sharing options...
Aguila Posted February 4, 2014 Author Share Posted February 4, 2014 Thank you very much Teddy. Now I am feeling much better. Link to comment Share on other sites More sharing options...
Teddy Rogers Posted May 27, 2014 Share Posted May 27, 2014 Perfect Forward Secrecy is now active on this server - if your browser supports it... https://www.ssllabs.com/ssltest/analyze.html?d=tuts4you.com Ted. Link to comment Share on other sites More sharing options...
nonspin Posted June 1, 2014 Share Posted June 1, 2014 Those who have bookmarked "www.tuts4you.com" get a "untrusted connection" since the certificate is valid forhttps://tuts4you.com adding these to .htaccess would fix it RewriteEngine OnRewriteCond %{HTTP_HOST} ^www.tuts4you.com$ [NC]RewriteRule ^(.*)$ http://tuts4you.com/$1 [R=301,L] Link to comment Share on other sites More sharing options...
Teddy Rogers Posted June 2, 2014 Share Posted June 2, 2014 The server already redirects to the none www links and has done for nearly as long as the site has been running. No one should be using www links, even search engines... Ted. Link to comment Share on other sites More sharing options...
nonspin Posted June 2, 2014 Share Posted June 2, 2014 www.tuts4you.com uses an invalid security certificate. The certificate is only valid for the following names: forum.tuts4you.com , tuts4you.com (Error code: ssl_error_bad_cert_domain) Link to comment Share on other sites More sharing options...
Teddy Rogers Posted June 2, 2014 Share Posted June 2, 2014 That is correct, there should be a warning if you are accessing the site through a www link... Ted. Link to comment Share on other sites More sharing options...
Teddy Rogers Posted June 4, 2014 Share Posted June 4, 2014 HSTS is now fully enabled on the server... Ted. Link to comment Share on other sites More sharing options...
LCF-AT Posted June 4, 2014 Share Posted June 4, 2014 Hi Ted, short info: If I login now then it comes again any new style window and after login I press on my messenger icon to let open the tab but there it hangs again endless.Now I need to refresh the page or open it in a new tab and then the messenger icon works again normaly.So maybe you remember that we talked already about the problem before a while so now its the same problem again.Just only a info for you so I don't know what you have changed or updated now etc. greetz Link to comment Share on other sites More sharing options...
Teddy Rogers Posted June 6, 2014 Share Posted June 6, 2014 Can you recall what was done to fix it? Ted. Link to comment Share on other sites More sharing options...
LCF-AT Posted June 7, 2014 Share Posted June 7, 2014 Hi Ted, ok I have checked my PMs with you and I told you about the same problem at 6. February this year and you answered me "...added a security ticket to the site so that all connections are encrypted" ...and then you said after... "I have changed some settings, and let me know if you experience the same symptoms..." and then the problems was away again but then you changed again any web settings and the problem was comming back and then you fixed it again. Anyway so just check our PM topic called "Improving Script Topics.." Maybe its again any http / https issue so I try to test it so normaly my link does just use http to this forum.If enter this... https://forum.tuts4you.com/ = same in browser to see after if I enter this... http://forum.tuts4you.com/ = forum.tuts4you.com/ to see only greetz Link to comment Share on other sites More sharing options...
Dreamer Posted June 11, 2014 Share Posted June 11, 2014 (edited) tedd when i try to go to download location for any tut you make i get some ssl error example https://forum.tuts4you.com/topic/12209-codeveil-12/ Edited June 11, 2014 by Dreamer Link to comment Share on other sites More sharing options...
kao Posted June 11, 2014 Share Posted June 11, 2014 That is correct, there should be a warning if you are accessing the site through a www link... Ted. So, some old links are supposed to have that warning. 1 Link to comment Share on other sites More sharing options...
Dreamer Posted June 11, 2014 Share Posted June 11, 2014 thx Kao Link to comment Share on other sites More sharing options...
Teddy Rogers Posted January 27, 2015 Share Posted January 27, 2015 A new security certificate has been issued and I have removed RC4 from the list of supported cyphers... Ted. 1 Link to comment Share on other sites More sharing options...
HTC Posted January 27, 2015 Share Posted January 27, 2015 hope that will not be problems anymore Link to comment Share on other sites More sharing options...
Teddy Rogers Posted November 26, 2016 Share Posted November 26, 2016 The security certificate for the site has now been updated. I have also changed the certificate authority, it is no longer issued from StartSSL and is now being issued from cPanel (the OCSP is Comodo). All StartSSL certificates issued after 21st October are no longer going to be trusted starting from Firefox 51 and Chrome 56. All StartSSL certificates issued after this date should not be trusted... Ted. 2 Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now