http:// instead of https://
-
- Posts: 5
- Joined: 23 Nov 2012, 05:09
- Contact:
http:// instead of https://
is this website safe?
-
- Posts: 5
- Joined: 23 Nov 2012, 05:09
- Contact:
Re: http:// instead of https://
Posted this here because Par killed the other thread with his unexplained and really shitty gifs!
Re: http:// instead of https://
don't use the same password here that you use for eharmony
Re: http:// instead of https://
SSL for full domain costs like 60$.
Guess Mr. Cutard is willing to donate.
Guess Mr. Cutard is willing to donate.
Re: http:// instead of https://
I realize the gross monthly salary in the Pakistani army is the equivalent to a 20 piece chicken mcnugget but I'm afraid guest has a valid point. Fortunately this game is pretty dead so the amount of visitors and damage will be minimal, not that anyone would give a shit if the likes of Falcon and Pogue got hacked.
Re: http:// instead of https://
SSL (https) only encrypts the connection between you and the web server. I hope you're not under some sort of impression that the web server doesn't see your password in plain text, because it does... always...
More importantly though, you really have to enable persistent logins. It's ridiculous to have to relogin every time I come to the web site. What's the argument for not having this on in the first place?
More importantly though, you really have to enable persistent logins. It's ridiculous to have to relogin every time I come to the web site. What's the argument for not having this on in the first place?
Re: http:// instead of https://
Persistent logins have been enabled.
Re: http:// instead of https://
I see the button but I'm still getting logged out when closing my browser... clear some sort of cookie issue. I'm on stock Chrome, Win7 x64, no plugins.
Re: http:// instead of https://
I'm not sure what else can be done on my end. Can you double check your settings to be sure cookie/session data isn't cleared when you quit? I've reviewed cookie and session settings numerous times. I've did some googling to try and find other people with similar issues and didn't find any solutions -- just other people reporting the same problem.
Re: http:// instead of https://
Yeah I seem to only have the issue at work, so perhaps some network config thing could be affecting it there (although that's slightly odd). No issue on other phpbb forums, so not sure what's up, but thought I'd report it anyways. Not a huge deal since it seems to work fine at home.
Re: http:// instead of https://
If that's the case it sounds like I might actually have to tone down our session ip validation settings (https://www.phpbb.com/support/documenta ... r_security). Try to see if the same problem happens again at work. Is your home ip static?
Re: http:// instead of https://
I'll give it a try tomorrow at work. My home IP isn't static either, but it's "more static". Definitely I also noticed today that it had logged me off again at home, so maybe that's it.
Re: http:// instead of https://
I'm using whatever the latest version of IE is with Windows 7. If I click in forums for persistent login, then when I come back to the site from the main page it shows me logged in as anonymous in the top right, when I click on forum it doesn't show me logged in.
Re: http:// instead of https://
sup prom queen Cu.Cutard wrote:I realize the gross monthly salary in the Pakistani army is the equivalent to a 20 piece chicken mcnugget but I'm afraid guest has a valid point. Fortunately this game is pretty dead so the amount of visitors and damage will be minimal, not that anyone would give a shit if the likes of Falcon and Pogue got hacked.
Re: http:// instead of https://
the webserver sees the passwords as plain texts but administrators dont. the built in software prevents that which can be really annoying when having to manually reset pw's from the db..
Re: http:// instead of https://
Sure, but anyone with access to the php code could trivially modify it to reveal plain text passwords. I'm just saying that HTTPS does nothing to "protect" you if you don't trust the web server/administrator.liger wrote:the webserver sees the passwords as plain texts but administrators dont. the built in software prevents that which can be really annoying when having to manually reset pw's from the db..
Re: http:// instead of https://
To go on from my previous post...
If I have it set to remember me after logging in and then when I come back, I go directly to the forums without going to the main site first, then it keeps me logged in.
If I have it set to remember me after logging in and then when I come back, I go directly to the forums without going to the main site first, then it keeps me logged in.
Re: http:// instead of https://
Thanks for the feedback, dantski. I've made a quick change to handling cookies on the main site. Try the same thing and let me know if you still get signed out.
Re: http:// instead of https://
Ok it shows me logged in as Dantski on entering both main site and forum now.
GJ Tox
GJ Tox
Re: http:// instead of https://
Great, thanks. I found some things I want to change along the way. Still, hopefully this update will help a lot of the people having logout issues.
Re: http:// instead of https://
Actually scrap what I posted, navigated to main page and it showed me as anonymous and then it showed me logged out when I went to forum.
Re: http:// instead of https://
i smoked crack in a cab
stab u with the sharpest knife i could grab
come back a week later reopen your scab
stab u with the sharpest knife i could grab
come back a week later reopen your scab
Re: http:// instead of https://
Alright. Well, I'll have some new things to try over the weekend. Bear with me until then if you can, please.Dantski wrote:Actually scrap what I posted, navigated to main page and it showed me as anonymous and then it showed me logged out when I went to forum.