Jump to content

?


Observer II

Recommended Posts

On 12/3/2020 at 12:52 PM, asperity said:

I got this last night and again now, on Firefox and Microsoft Edge. I'm staying away until it's fixed.

It is fixed and doesn't appear to have caused any issues - this things happen from time to time and I just generally caused by browser updates and cookies deciding something is unsafe

  • Upvote 2
Link to comment
Share on other sites

8 hours ago, Gary said:

It is fixed and doesn't appear to have caused any issues - this things happen from time to time and I just generally caused by browser updates and cookies deciding something is unsafe

Thanks Gary, though I'm still getting a warning that signing in "may" be unsafe.

Link to comment
Share on other sites

I will try one more time.

This site is as safe as it ever was, just get on with it while they sort out the misconfiguration. Gary is not just saying that, it is true.

 

I get this displayed on by Edge Browser on Windows10

 

It is already giving a message the https is crossed out. That is all that is wrong, but you didn't use https before - it was always just http.

With https the server and your computer negotiate a set of encryption keys so that the http (hypertext transfer protocol) can carry web pages and responses). People use https i.e.(hypertext transfer protocol secure) so things like passwords and credit card numbers and cvv numbers with real value can sent with out fear of a man in the middle copying them and reusing them. The NOT secure refers to the fact that you shouldn't make purchases on the link to the server or disclose personal information. 

This is just what Edge tells you

Your connection isn't private

Attackers might be trying to steal your information from forum.warrington-worldwide.co.uk (for example, passwords, messages or credit cards).

NET::ERR_CERT_COMMON_NAME_INVALID
 
Look at the bottom line ERRor Certificate Common Name Invalid
Press advanced
It now adds

This server couldn't prove that it's forum.warrington-worldwide.co.uk; its security certificate is from *.cloudfront.net. This may be caused by a misconfiguration or an attacker intercepting your connection.

Continue to forum.warrington-worldwide.co.uk (unsafe)

Someone has indeed put an invalid certificate where it wasn't needed. Your browser can see it is a valid certificate from Cloudfront. It is seemingly being used for encrypting http in transit across the Internet. The default behaviour if you continue is to cross out the https to warn you not to send confidential information. so as in the first display in the mail and it uses red to remind you not to send confidential information including passwords with value.

So just press the continue option and notice the warning but take a sensible view that you understand what it is saying and it does not affect your intended use of the site.

Now you lot are seasoned users, and don't usually get a secured connection on this site anyway, so stop messing about and start using it again. Your browser isn't clairvoyant, it doesn't know things about the site that you can't see. Time to get on chaps and eventually the bozo in the US who put the certificate in will fix it.

The really big problem is if you lack the confidence to get as far as reading this post of course! 

  • Haha 1
Link to comment
Share on other sites

55 minutes ago, Bill said:

Yep that's fixed it and now we've even got the padlock that I don't think we had before the big warnings.

Good stuff!

 

Bill :)

Correct. The fix was to put an Amazon Cloudfront certificate up and leave https enabled. The Common name is now correct, CN = forum.warrington-worldwide.co.uk, and so the padlock appears. I guess they just enabled tls/ssl on all the forums and waited for people to moan about the certificates and lose revenue while they fixed it!

Link to comment
Share on other sites

1 hour ago, asperity said:

I remember in the 50's they regularly tested the siren on Stockton Heath police station in case our Russian Friends decided to flatten us.

What was the point? I would not want to know that in 3 mins I was going to be vapourised :-(

 

  • Haha 2
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
×
×
  • Create New...