XYMer's Home away from Home

When http://bbs.xlr8yourmac.com is down (i.e. always)
It is currently Fri Jun 23, 2017 11:06 am

All times are UTC - 8 hours




Post new topic Reply to topic  [ 11 posts ] 
Author Message
PostPosted: Thu Apr 13, 2017 10:24 am 
Offline
Benevolent Dictator
User avatar

Joined: Mon Apr 21, 2008 2:03 am
Posts: 14481
Quote:
I'm getting a padlock with a diagonal line through it when I go to the login page, then a warning message from Firefox that my login is not secure. No https... Had to cross my fingers and hope in order to log in to send you this message.

Quote:
No, it still warns me about insecure login. If you cure it can you make a general post about it please? I can see those without logging in and I am logging out until I know I have a secure interface.


Any help?


Top
 Profile  
 
PostPosted: Thu Apr 13, 2017 11:38 am 
Offline

Joined: Sat Apr 11, 2009 2:15 pm
Posts: 5852
Location: NYC
Is it this?

Scroll down to post from makaiguy

http://forums.mozillazine.org/viewtopic ... &t=3028864


Top
 Profile  
 
PostPosted: Thu Apr 13, 2017 11:55 am 
Offline
Benevolent Dictator
User avatar

Joined: Mon Apr 21, 2008 2:03 am
Posts: 14481
Thanks W, tried...
Code:
https"//x704.net/bbs


Attachments:
x704https.gif
x704https.gif [ 29.35 KiB | Viewed 560 times ]
Top
 Profile  
 
PostPosted: Thu Apr 13, 2017 11:57 am 
Offline
Benevolent Dictator
User avatar

Joined: Mon Apr 21, 2008 2:03 am
Posts: 14481
Continued & got this...
Quote:
WebFaction
Coming soon: Another fine website hosted by WebFaction.

Site not configured
If you are the owner of this website and weren’t expecting to see this message, here are some potential causes and solutions:

You recently created a new website record, but opened the URL before your changes were activated in the web server and DNS configuration. Wait a moment and refresh.
You created a new website record without the current subdomain (for example, www). Return to the control panel to add the current subdomain to the website record and refresh.
You added a new domain in the control panel but didn’t create a site record to link it with an application. Create a website record with the control panel and refresh.
Your website record is set for HTTPS, but you visited a HTTP URL (or vice-versa). Open the URL with the other protocol.
You tried to access your website by IP address. Access the website by domain name instead.
There is a problem with your account. Check the control panel for unresolved support tickets and check your email for recent messages from support@webfaction.com.
For more details, please see Error: Site not configured.

WebFaction provides modern hosting with friendly customer support. Visit our main website for more information.


Top
 Profile  
 
PostPosted: Thu Apr 13, 2017 11:58 am 
Offline
User avatar

Joined: Mon Sep 14, 2009 8:51 pm
Posts: 432
Location: Minnesota, USA
Yes it is that.

Yes, FF52.

Tried adding https:// to the start of the URL and get the same.

Are others seeing the same? Just going with it? Sure, I can just ignore it since it isn't like this is my bank account site.

I don't recall not seeing this being a non-https site before.

Edit: I just checked my saved logins in my master password file for FF and see this has been listed as a http-only site for my past logins. I guess we all just go with it. :roll:


Attachments:
Screen Shot 2017-04-13 at 14.53.58.JPG
Screen Shot 2017-04-13 at 14.53.58.JPG [ 15.64 KiB | Viewed 559 times ]
Top
 Profile  
 
PostPosted: Thu Apr 13, 2017 1:19 pm 
Offline

Joined: Sat Apr 11, 2009 2:15 pm
Posts: 5852
Location: NYC
Not seeing anything like this either with FF or Safari. But do get it if I try to go here with https--but that's always been the case.


Top
 Profile  
 
PostPosted: Thu Apr 13, 2017 2:15 pm 
Offline
User avatar

Joined: Thu May 15, 2008 8:13 pm
Posts: 9269
Location: Caught between the moon and NYC
Its probably just the stupid new "if you're on an http site and you need to enter a username & password lets block FF from automatically entering it and tell you the world is about to end" feature of Firefox 52.

I turned that thing off with extreme prejudice because I use different passwords on different sites so I don't give a flying &*(#$ if one particular site gets compromised.

I get that they're trying to shame websites into upgrading to https because... well, I don't know why, its not like every website contains sensitive information. Are they going to automatically block the warnings about self-generated certificates at the same time? No? Then they're just making stupid assumptions. And when you assume, you make an ass out of u and me.


Top
 Profile  
 
PostPosted: Thu Apr 13, 2017 3:31 pm 
Offline

Joined: Sat Apr 11, 2009 2:15 pm
Posts: 5852
Location: NYC
Directions for nuking that idiocy were in that mozillazine link I gave above. Other places to find those about:config changes, just happened to remember that they were all there in that one place.


Top
 Profile  
 
PostPosted: Thu Apr 13, 2017 3:49 pm 
Offline
User avatar

Joined: Thu May 15, 2008 8:13 pm
Posts: 9269
Location: Caught between the moon and NYC
Yeah, sorry, didn't mean to suggest anything besides adding my voice to your suggestion. And based on Limnos' screenshot it's exactly that feature.

"aaah! its http with a username & password! aaaah! feast on the goo inside!"


Top
 Profile  
 
PostPosted: Thu Apr 13, 2017 4:34 pm 
Offline

Joined: Sat Apr 11, 2009 2:15 pm
Posts: 5852
Location: NYC
MonkeyBoy wrote:
Yeah, sorry, didn't mean to suggest anything besides adding my voice to your suggestion. And based on Limnos' screenshot it's exactly that feature.

"aaah! its http with a username & password! aaaah! feast on the goo inside!"

Wasn't really meant for you. Thought maybe it would help clarify things for BD. Plus glad that you confirmed what I thought was going on--wasn't certain I had that right.


Top
 Profile  
 
PostPosted: Fri Apr 14, 2017 5:27 pm 
Offline
Master

Joined: Sun Apr 20, 2008 5:24 am
Posts: 9636
Location: North of the State of Jefferson
There is no certificate for this site, it is not configured to use HTTPS, and login is insecure (don't do your banking here and don't use a password that you use elsewhere -- unless of course it's a password you use for all the other sites that require passwords that don't actually matter. My http://nytimes.com password is "password1". It's secure because it has a number. Don't tell anyone!).

The Webfaction certificate is a default certificate not set up by this site, but instead by the hosting provider. They are good hosting provider and I recommend them, but their certificate is meaningless for our purposes. Again, THIS IS NOT A SECURE SITE. SSL has not been configured. Do not use it for managing nuclear reactors or air traffic control systems.

Someday this might be fixed, not until it won't impinge on the 7 hours of sleep I get each night.

- Anonymous


Top
 Profile  
 
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 11 posts ] 

All times are UTC - 8 hours


Who is online

Users browsing this forum: No registered users and 1 guest


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
Powered by phpBB® Forum Software © phpBB Group