Go Back   Home > Forums > >
Home Forums Rules Articles diyAudio Store Blogs Gallery Wiki Register Donations FAQ Calendar Search Today's Posts Mark Forums Read

Forum Problems If there is a forum related problem please leave a message here so an Admin will see it.

Login not secure (over plain HTTP)
Login not secure (over plain HTTP)
Please consider donating to help us continue to serve you.

Ads on/off / Custom Title / More PMs / More album space / Advanced printing & mass image saving
Reply
 
Thread Tools Search this Thread
Old 17th March 2017, 09:17 PM   #11
rsheptak is offline rsheptak  United States
diyAudio Member
 
Join Date: Feb 2015
Location: Pinole, CA
Login not secure (over plain HTTP)
You can easily disable it in Firefox 52.
(1) type about:config into the navigation bar.
(2) accept the risk
(3) search for the preference security.insecure_field_warning.contextual.enabled
(4) double-click on it to change the value to false
(5) restart Firefox.

The warning will be gone.
  Reply With Quote
Old 17th March 2017, 09:19 PM   #12
Dude111 is offline Dude111
diyAudio Member
 
Join Date: Apr 2013
Ya I did like firefox V1.5 but it went downhill FAST and now is just over bloated garbage and its sad........ A program go from something SO GOOD to crap. (Although the same thing happend with MyIE -- It was a gorgeous IE Wrapper and became crap (Last version of "MyIE2" is the last good version (Before name change to Maxthon))
  Reply With Quote
Old 6th April 2017, 05:35 AM   #13
Bunger Mulkin is offline Bunger Mulkin  Equatorial Guinea
diyAudio Member
 
Join Date: Dec 2003
Location: Earth
Default Invalid certificate?

I dug a bit further. If one attempts to login securely (i.e. https://www.diyaudio...etc.), more information appears. Firefox finds an invalid security certificate, apparently an unfinished dummy, based on the data (company = "My Company", expiration date 2010). Could this have anything to do with Firefox throwing the warning?


"www.diyaudio.com uses an invalid security certificate. The certificate is not trusted because it is self-signed. The certificate is not valid for the name www.diyaudio.com. The certificate expired on Saturday, January 9, 2010 5:15 AM. The current time is Wednesday, April 5, 2017 10:29 PM. Error code: SEC_ERROR_UNKNOWN_ISSUER"

A screenshot of the certificate data is attached.
Attached Images
File Type: jpg diyaudio_certificate.jpg (34.9 KB, 91 views)
  Reply With Quote
Old 6th April 2017, 11:01 PM   #14
agdr is offline agdr  United States
diyAudio Member
 
agdr's Avatar
 
Join Date: Sep 2010
Login not secure (over plain HTTP)
Quote:
Originally Posted by Bunger Mulkin View Post
Firefox finds an invalid security certificate...
I'm getting the warning now too, as of a few minutes ago. An expired security cert on the server was my first guess.
  Reply With Quote
Old 7th April 2017, 01:26 AM   #15
kevinkr is offline kevinkr  United States
diyAudio Moderator
 
kevinkr's Avatar
 
Join Date: Sep 2004
Location: Boston, Massachusetts
Login not secure (over plain HTTP)
We don't currently support HTTPS, I am surprised to hear that you even found an invalid certificate, must be left over from a long ago experiment.
__________________
"To argue with a person who has renounced the use of reason is like administering medicine to the dead." - Thomas Paine
  Reply With Quote
Old 7th April 2017, 02:41 AM   #16
wintermute is offline wintermute  Australia
just another
diyAudio Moderator
 
wintermute's Avatar
 
Join Date: Aug 2003
Location: Sydney
Login not secure (over plain HTTP)
The site has never had https it has always been insecure.

Just a word of advice for anyone using any internet service. Do NOT use the same password everywhere. Especially do not use a password that you use for secure transactions, eg paypal, banking, whatever on any other site!!

You should consider any site you login to with http (does not show the little padlock beside the url) as being completely insecure and those login details easily captured.

Tony.
__________________
Any intelligence I may appear to have is purely artificial!
Some of my photos
  Reply With Quote
Old 16th April 2017, 04:56 AM   #17
Jason is online now Jason  Australia
:)
diyAudio Administrator
 
Jason's Avatar
 
Join Date: Oct 2000
Location: Melbourne
Login not secure (over plain HTTP)
FYI, we'll be upgrading to HTTPS in the near future. A lot has changed since the site was set up initially, and IIRC we didn't bake in HTTPS to our Apache config in order to help keep the site as fast as possible and take encryption load off the server. That's not really a consideration these days, so we'll definitely implement HTTPS as soon as we get a chance.
  Reply With Quote
Old 16th April 2017, 04:59 AM   #18
Gnobuddy is online now Gnobuddy  Canada
diyAudio Member
 
Join Date: Mar 2016
Quote:
Originally Posted by Jason View Post
we'll definitely implement HTTPS as soon as we get a chance.
Great news, I'm very glad to hear this.

-Gnobuddy
  Reply With Quote
Old 16th April 2017, 05:54 AM   #19
Dude111 is offline Dude111
diyAudio Member
 
Join Date: Apr 2013
Exclamation  

Quote:
Originally Posted by Jason
FYI, we'll be upgrading to HTTPS in the near future. A lot has changed since the site was set up initially, and IIRC we didn't bake in HTTPS to our Apache config in order to help keep the site as fast as possible and take encryption load off the server. That's not really a consideration these days, so we'll definitely implement HTTPS as soon as we get a chance.
Please dont force it Jason...

Some browsers will not be able to directly connect if you only allow HTTPS.... Its not needed on a site like this!!!!

cellar.org has an HTTPS layer but they also allow http:// for those who cant or dont want to use HTTPS there........
  Reply With Quote
Old 31st January 2018, 02:08 AM   #20
454Casull is offline 454Casull  Canada
diyAudio Member
 
Join Date: Jan 2004
Location: Toronto, ON, Canada
Quote:
Originally Posted by Jason View Post
FYI, we'll be upgrading to HTTPS in the near future. A lot has changed since the site was set up initially, and IIRC we didn't bake in HTTPS to our Apache config in order to help keep the site as fast as possible and take encryption load off the server. That's not really a consideration these days, so we'll definitely implement HTTPS as soon as we get a chance.
Any update on this?
  Reply With Quote

Reply


Login not secure (over plain HTTP)Hide this!Advertise here!
Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
How to secure driver to enclosure clipsemeister Construction Tips 13 2nd August 2011 05:30 PM
How to secure/fix fragile wires to veroboard? HankMcSpank Everything Else 10 8th July 2008 07:48 PM
How do you secure your cables inside your cabs? dublin78 Multi-Way 15 13th March 2008 09:26 PM


New To Site? Need Help?

All times are GMT. The time now is 07:15 AM.


Search Engine Optimisation provided by DragonByte SEO (Pro) - vBulletin Mods & Addons Copyright © 2018 DragonByte Technologies Ltd.
Resources saved on this page: MySQL 15.00%
vBulletin Optimisation provided by vB Optimise (Pro) - vBulletin Mods & Addons Copyright © 2018 DragonByte Technologies Ltd.
Copyright ©1999-2018 diyAudio
Wiki