Forum security

Shannon Llewellyn · Status: Offline

RE: Forum security

Simon Gough · Status: Offline

I'll take that John!

Cheers

Simon

John Watson · Status: Offline

Simon, you're hero of the day

I use a home-made Home Page to access all my favourite sites: easier for me & the family. Until today, I used

https://www.manchesterbirding.activeboard.com/ cry

Now I use

https://manchesterbirding.activeboard.com/ biggrin

And it works !

If I manually type in the old version, it still fails - so I won't

Anyone who uses Favorites, Bookmarks, Pins, etc could learn from this

Simon Gough · Status: Offline

John,

Have you tried navigating to the website from a google search or similar? If you are using a bookmark or a similar stored example of the address to access the website, I would expect you to always get the message. It is nothing to do with caching in that sense, more that the stored web address URL is out of line with the change that Ian described in the first place.

If you haven't done so already, I would advise googling the website and navigating to it from the search result and if you get the error message from that then I will have to concede I am at the edge of my knowledge of such things!

Hope this helps

Simon

John Watson · Status: Offline

I still get the same message every time I logon. I use IE11

I'm really uncomfortable with bypassing security msgs

I've cleared every cache I can find, but still get the warnings confuse

Paul Wilson · Status: Offline

I get this message:

The hostname in the websites security certificate differs from the website you are trying to visit.

Error Code: DLG_FLAGS_SEC_CERT_CN_INVALID

Go on to the webpage (Not recommended)

Not a major problem, but it should be sorted out as new visitors would be put off. I use Edge, by the way.

John Watson · Status: Offline

Using IE11, I tried clearing the cache as I figured that was the problem. Didn't work - probably not doing it right

I've ignored security warnings in the past, and my email address is now scattered throughout the internet - hence daily spam

Anyway, I bit the bullet & can now use the site safely. SSL is definitely the way to go. Thanks for guidance, Ian

David Pierce · Status: Offline

I had to clear all browsing data and then start again to stop the message appearing (using Google Chrome)

Rob Creek · Status: Offline

I got the same message too on Friday night but it didn't cause any undue worries, I simply refreshed the page and it's been fine since.

sid ashton · Status: Offline

Simon Gough wrote:
Thanks for the update Ian, as I was wondering what was happening.

This issue meant that my bookmarked link to the site was getting the security warning, so people might well find that they need to navigate to the site from scratch, so to speak, and then create a new bookmark. I have done that and the access by bookmark is fine again.

Cheers

Simon

Yes Simon I did just that and all is well again.

Simon Gough · Status: Offline

Thanks for the update Ian, as I was wondering what was happening.

This issue meant that my bookmarked link to the site was getting the security warning, so people might well find that they need to navigate to the site from scratch, so to speak, and then create a new bookmark. I have done that and the access by bookmark is fine again.

Cheers

Simon

Ian McKerchar · Status: Offline

Some of you may have received a security alert message from your internet search engine this evening when trying to connect to the forum, informing you that basically the site may be being impersonated (having been hacked). I can confirm that this is NOT the case and the forum is working perfectly normally, in fact, better than ever!

This evening, the forum hosting company automatically enabled SSL secure encryption on the forum, which will be much more secure for anyone using it, although the forum never has and never will hold personal data on any of its users anyway. When now using older (cached) pages of the forum, search engines recognise that they are not the newly existing SSL versions and believe them to be possible imitations which is giving rise to the security messages. For me (I initially got the security message too!), just connecting to the new site has cleared any problems but perhaps clearing your cache may be an option too.

Details of the upgrade from the hosting company are below:

In continuation with our push towards an increasingly secure ActiveBoard environment, we're now planning to enable TLS/SSL encryption (HTTPS) on all forums on September 28th, 2018.

HTTPS ensures that transmitted data is private, and protects against eavesdropping attacks. It also helps prevent tampering with requests, and injection of malicious advertisements or code into the pages you view. Additionally, HTTPS enabled forums should also see an small increase in Google search rankings, as they have indicated that HTTPS sites will be favoured over HTTP sites.