Myrgard

is this website safe?

Posted this here because Par killed the other thread with his unexplained and really shitty gifs!

don't use the same password here that you use for eharmony

SSL for full domain costs like 60$.
Guess Mr. Cutard is willing to donate.

I realize the gross monthly salary in the Pakistani army is the equivalent to a 20 piece chicken mcnugget but I'm afraid guest has a valid point. Fortunately this game is pretty dead so the amount of visitors and damage will be minimal, not that anyone would give a shit if the likes of Falcon and Pogue got hacked.

SSL (https) only encrypts the connection between you and the web server. I hope you're not under some sort of impression that the web server doesn't see your password in plain text, because it does... always...

More importantly though, you really have to enable persistent logins. It's ridiculous to have to relogin every time I come to the web site. What's the argument for not having this on in the first place?

Persistent logins have been enabled.

I see the button but I'm still getting logged out when closing my browser... clear some sort of cookie issue. I'm on stock Chrome, Win7 x64, no plugins.

I'm not sure what else can be done on my end. Can you double check your settings to be sure cookie/session data isn't cleared when you quit? I've reviewed cookie and session settings numerous times. I've did some googling to try and find other people with similar issues and didn't find any solutions -- just other people reporting the same problem.

Yeah I seem to only have the issue at work, so perhaps some network config thing could be affecting it there (although that's slightly odd). No issue on other phpbb forums, so not sure what's up, but thought I'd report it anyways. Not a huge deal since it seems to work fine at home.

If that's the case it sounds like I might actually have to tone down our session ip validation settings (https://www.phpbb.com/support/documenta ... r_security). Try to see if the same problem happens again at work. Is your home ip static?

I'll give it a try tomorrow at work. My home IP isn't static either, but it's "more static". Definitely I also noticed today that it had logged me off again at home, so maybe that's it.

I'm using whatever the latest version of IE is with Windows 7. If I click in forums for persistent login, then when I come back to the site from the main page it shows me logged in as anonymous in the top right, when I click on forum it doesn't show me logged in.

Cutard wrote:I realize the gross monthly salary in the Pakistani army is the equivalent to a 20 piece chicken mcnugget but I'm afraid guest has a valid point. Fortunately this game is pretty dead so the amount of visitors and damage will be minimal, not that anyone would give a shit if the likes of Falcon and Pogue got hacked.

sup prom queen Cu.

the webserver sees the passwords as plain texts but administrators dont. the built in software prevents that which can be really annoying when having to manually reset pw's from the db..

liger wrote:the webserver sees the passwords as plain texts but administrators dont. the built in software prevents that which can be really annoying when having to manually reset pw's from the db..

Sure, but anyone with access to the php code could trivially modify it to reveal plain text passwords. I'm just saying that HTTPS does nothing to "protect" you if you don't trust the web server/administrator.

To go on from my previous post...

If I have it set to remember me after logging in and then when I come back, I go directly to the forums without going to the main site first, then it keeps me logged in.

Thanks for the feedback, dantski. I've made a quick change to handling cookies on the main site. Try the same thing and let me know if you still get signed out.

Ok it shows me logged in as Dantski on entering both main site and forum now.

GJ Tox

Great, thanks. I found some things I want to change along the way. Still, hopefully this update will help a lot of the people having logout issues.

Actually scrap what I posted, navigated to main page and it showed me as anonymous and then it showed me logged out when I went to forum.

i smoked crack in a cab
stab u with the sharpest knife i could grab
come back a week later reopen your scab

Dantski wrote:Actually scrap what I posted, navigated to main page and it showed me as anonymous and then it showed me logged out when I went to forum.

Alright. Well, I'll have some new things to try over the weekend. Bear with me until then if you can, please.