Results 1 to 17 of 17

Thread: HTTPS - Welcome to the Next Level (of Forum Security)

  1. #1
    Administrator

    Join Date
    Nov 2003
    Posts
    2,457

    Default HTTPS - Welcome to the Next Level (of Forum Security)

    Do you like computer security? Do you hate sending things "in the clear?" Do you have a disdain for "person in the middle" snooping and cyber attacks? Then I have good news for you! Thanks to Let's Encrypt, the DP forum is now using HTTPS everywhere. Using state-of-the-art TLS 1.2, the DP Retrogaming Roundtable is now equipt to encrypt all of your communications through the forum. In addition, all HTTP requests will be automatically re-routed into HTTPS requests instead so even if you follow old links, bookmarks, your Web browser's history, or just forget to type in the "s" in "https," you still be covered by HTTP/TLS.

    Note that this change might affect compatibility with old, insecure Web browsers. For example, Internet Explorer 6 will not work and the connection will be closed. Some game consoles' Web browsers might also not like the secure HTTPS connection.

    If you have any problems, please use our contact form to submit a support request.

  2. #2
    ServeBot (Lɘvel 11) RP2A03's Avatar
    Join Date
    Nov 2009
    Location
    59 6F 75 72 20 48 44 44 20 61 64 64 69 6E 67 20 65 6D 62 61 72 72 61 73 73 69 6E 67 20 64 61 74 61
    Posts
    3,515

    Default

    I am pleased that DP finally has encryption, but I couldn't help but notice that the connection is only partially encrypted. Additionally, Firefox and Pale Moon give an untrusted connection warning when typing HTTPS in the address bar (identity can't be verified). Interestingly enough, neither give the warning when redirected from HTTPS. Otter Browser gives an untrusted connection warning no matter how you connect.





    EDIT: https://www.digitpress.com/forum has an expired certificate. Only https://forum.digitpress.com/forum has a valid certificate.

    Otter Browser seems to be taking issue with the ad script that is only present before login.
    Last edited by RP2A03; 04-03-2016 at 12:52 AM.
    Mario says "... if you do drugs, you go to hell before you die."

  3. #3
    Strawberry (Level 2) Custom rank graphic
    FoxNtd's Avatar
    Join Date
    Mar 2010
    Location
    USA/米国
    Posts
    545

    Default

    It's about time. It's always been unsettling to send login info in the clear just to use this forum. I've been glad about Let's Encrypt's project since I first heard of it before they even released their first certs. Now there's no excuse to leave stuff in the open anymore, hooray!

  4. #4
    Administrator

    Join Date
    Nov 2003
    Posts
    2,457

    Default

    RP2A03, I looked into what you wrote about and I think I resolved most of what you mentioned.

    Indeed, only the sub-domain forum.digitpress.com has encryption. The domain name digitpress.com and the sub-domain www.digitpress.com do not, or more precisely, they use a shared certificate from DreamHost which is problematic. Therefore we will continue to use HTTP for www.digitpress.com and digitpress.com while we will use a Let's Encrypt certificate with HTTPS for forum.digitpress.com.

    As far as warnings about mixed HTTP and HTTPS, I have gone in and copied some files from digitpress.com over to forum.digitpress.com and updated the forum's template and other code to point to the HTTPS version of these files which are now served from forum.digitpress.com.

    As to encryption versus identity for the forum's sub-domain, Let's Encrypt's certificates only provide encryption, not identity verification. Therefore while the forum is now using encryption powered by TLS 1.2 with SHA256 and 128-bit keys, its certificate does not provide for identity validation. That's just how the free certs from Let's Encrypt are. But it is better to have encryption without validation of the sub-domain's identity than to have no encryption at all.
    Last edited by Nz17; 04-04-2016 at 11:37 AM.

  5. #5
    ServeBot (Lɘvel 11) RP2A03's Avatar
    Join Date
    Nov 2009
    Location
    59 6F 75 72 20 48 44 44 20 61 64 64 69 6E 67 20 65 6D 62 61 72 72 61 73 73 69 6E 67 20 64 61 74 61
    Posts
    3,515

    Default

    Quote Originally Posted by Nz17 View Post
    RP2A03, I looked into what you wrote about and I think I resolved most of what you mentioned.
    Thank you.

    Just one more thing: I think users should be encouraged to use HTTPS links when possible; especially for things like images and signature banners.
    Mario says "... if you do drugs, you go to hell before you die."

  6. #6
    ServBot (Level 11) Niku-Sama's Avatar
    Join Date
    Aug 2005
    Location
    Deadford, OR
    Posts
    3,377

    Default

    but I like to bare back the internet....

    it makes me feel alive

  7. #7
    ServBot (Level 11) Niku-Sama's Avatar
    Join Date
    Aug 2005
    Location
    Deadford, OR
    Posts
    3,377

    Default

    In serious now i keep getting a random roaming security certificate error on mobile

  8. #8
    Lvl 99 Custom rank graphic
    Daria's Avatar
    Join Date
    Mar 2004
    Posts
    5,212
    Xbox LIVE
    Nymphomatic

    Default

    Quote Originally Posted by RP2A03 View Post
    I am pleased that DP finally has encryption, but I couldn't help but notice that the connection is only partially encrypted. Additionally, Firefox and Pale Moon give an untrusted connection warning when typing HTTPS in the address bar (identity can't be verified). Interestingly enough, neither give the warning when redirected from HTTPS. Otter Browser gives an untrusted connection warning no matter how you connect.





    EDIT: https://www.digitpress.com/forum has an expired certificate. Only https://forum.digitpress.com/forum has a valid certificate.

    Otter Browser seems to be taking issue with the ad script that is only present before login.

    Chrome won't even let me see the main site anymore. Tells me the connection isn't private and when I go to advance options it bitches about the out of date certificate. Even telling it to ignore it and let me continue with an unsafe connection just refreshes the error page.

  9. #9
    ServeBot (Lɘvel 11) RP2A03's Avatar
    Join Date
    Nov 2009
    Location
    59 6F 75 72 20 48 44 44 20 61 64 64 69 6E 67 20 65 6D 62 61 72 72 61 73 73 69 6E 67 20 64 61 74 61
    Posts
    3,515

    Default

    Quote Originally Posted by Daria View Post
    Chrome won't even let me see the main site anymore. Tells me the connection isn't private and when I go to advance options it bitches about the out of date certificate. Even telling it to ignore it and let me continue with an unsafe connection just refreshes the error page.
    Use HTTP instead of HTTPS for the main site.
    Mario says "... if you do drugs, you go to hell before you die."

  10. #10
    Lvl 99 Custom rank graphic
    Daria's Avatar
    Join Date
    Mar 2004
    Posts
    5,212
    Xbox LIVE
    Nymphomatic

    Default

    Quote Originally Posted by RP2A03 View Post
    Use HTTP instead of HTTPS for the main site.
    Huh. I swear I had tried that. That's what I get for trouble-shooting in the early AM.

  11. #11
    ServBot (Level 11) Niku-Sama's Avatar
    Join Date
    Aug 2005
    Location
    Deadford, OR
    Posts
    3,377

    Default

    oh crap tell me about it. I just got super sucked into a arcade game research black hole and suddenly its 4 hours later

  12. #12
    ServBot (Level 11) Niku-Sama's Avatar
    Join Date
    Aug 2005
    Location
    Deadford, OR
    Posts
    3,377

    Default

    hate to double post but secure version isn't working for me any longer and I have missing icons and other such things.
    some odd stuffs

  13. #13
    celerystalker is a poindexter celerystalker's Avatar
    Join Date
    Sep 2014
    Location
    St Louis, MO
    Posts
    2,657

    Default

    I'm having the same problems. Like, when posting, none of the icons show in the tools, it's just black boxes. I also can't see thread ratings, the icons next to the threads in the sub-forums...

  14. #14
    ServBot (Level 11) Niku-Sama's Avatar
    Join Date
    Aug 2005
    Location
    Deadford, OR
    Posts
    3,377

    Default

    yea hmm...
    did some digging and the main front page has changed since I last looked at it.
    also some of the mods/admins signatures are now gone which lead to their own sites.

    do you have backups of your GOTD and Poorly Documented posts?

  15. #15
    celerystalker is a poindexter celerystalker's Avatar
    Join Date
    Sep 2014
    Location
    St Louis, MO
    Posts
    2,657

    Default

    Quote Originally Posted by Niku-Sama View Post
    yea hmm...
    did some digging and the main front page has changed since I last looked at it.
    also some of the mods/admins signatures are now gone which lead to their own sites.

    do you have backups of your GOTD and Poorly Documented posts?
    I don't. I guess maybe I could try and save them on my laptop when I get my next day off... but as of right now, the forum is the only real record of them.

  16. #16
    Kirby (Level 13) Tanooki's Avatar
    Join Date
    Aug 2012
    Posts
    5,896

    Default

    If login's are to be believed I'm told our former dictator is now 2 weeks missing and presumed buried? Site seems to be falling apart. Main domain page also is barren missing all the tie backs to the board too. This place is probably slowly going belly up breaking down from lack of maintenance or care.

    Celery I can't speak for anyone else, but I'd back that stuff up of yours and then start posting them (co-posting) if you have an account at racketboy. They appreciate stuff like this and you'd get more active feedback and debate too I believe.

  17. #17
    celerystalker is a poindexter celerystalker's Avatar
    Join Date
    Sep 2014
    Location
    St Louis, MO
    Posts
    2,657

    Default

    Quote Originally Posted by Tanooki View Post
    If login's are to be believed I'm told our former dictator is now 2 weeks missing and presumed buried? Site seems to be falling apart. Main domain page also is barren missing all the tie backs to the board too. This place is probably slowly going belly up breaking down from lack of maintenance or care.

    Celery I can't speak for anyone else, but I'd back that stuff up of yours and then start posting them (co-posting) if you have an account at racketboy. They appreciate stuff like this and you'd get more active feedback and debate too I believe.
    I'll probably back it up if I can, if for no other reason than I've put a lot of work into those threads to try and get conversation started. If DP falls apart, though, I don't think I'll be migrating to another forum. I'll probably just be done, at least for awhile, but hopefully I can exchange some e-mails with some people if it comes to that to keep in touch.

    I'm not sure if Nz17 is done or if he's just taking a break due to all of the drama and other projects. I checked his website earlier today on my lunch to see if there were any updates on him, and apparently he's running for local school board office.

Similar Threads

  1. Burning Security
    By HyruleHero in forum Classic Gaming
    Replies: 6
    Last Post: 06-15-2015, 09:18 AM
  2. Final Fantasy VII.https://www.youtube.com/watch?v=2jz8WnbZysw [DYKG]
    By DP ServBot in forum The Gesellschaft (Videogame Newsroom)
    Replies: 0
    Last Post: 02-25-2014, 05:10 AM
  3. Replies: 25
    Last Post: 07-26-2009, 04:02 PM
  4. FA: Level 50 and Level 21 Matrix Online Account
    By Zadoc in forum Everything Auctions
    Replies: 4
    Last Post: 06-23-2005, 04:48 PM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •