And no-one noticed…

[Neil WyattModerator @neilwyatt]

Website now more secure

[Neil WyattModerator @neilwyatt]

Forum members who use the Chrome browser may not have noticed anything odd today.

You haven't been warned that the forum website is not secure.

This is because we changed to HTTPS in mid-May.

Several forum members had grumbled about it when we were still HTTP, but no-one appears to have noticed the change. Seeing the news about the change in Chrome I thought it might be worth drawing the change to everyone's attention!

Neil

[JasonBModerator @jasonb]

I use chrome all the time and never got any warnings about this site so that's why I did not notice anything different

[Brian WoodParticipant @brianwood45127]

I'll second Jason, a seamless change as far as I was concerned

Brian

[Neil WyattModerator @neilwyatt]

Chrome only started giving warnings today, but we made the over change two months ago.

[Patryk SochaParticipant @patryksocha88647]

My chrome shows your HTTPS as secure…

[Ian Skeldon 2Participant @ianskeldon2]

Firefox says secure ?

[Former MemberParticipant @formermember19781]

[This posting has been removed]

[Former MemberParticipant @formermember19781]

[This posting has been removed]

[V8EngParticipant @v8eng]

Safari seems to just get on with stuff.

Edited By V8Eng on 24/07/2018 20:17:44

[Neil WyattModerator @neilwyatt]

Oh woe…

My point is that the site has been secure for over two months and no-one noticed.

[Mark RandParticipant @markrand96270]

Spent a couple of hours last night sorting out certificates for nine bl**dy domains that I and SWMBO and her rat club run on my server. Still got another half dozen to do, but aren't as worried about those, since they are amost unused now.

 

Not overly worried about man-in-the-middle injection/attacks on the ME forum, unless the PM or HSM fora start redirecting stuff .

 

Edited By Mark Rand on 24/07/2018 21:20:41

[Alan VosParticipant @alanvos39612]

Posted by Neil Wyatt on 24/07/2018 21:14:05:

Oh woe…

My point is that the site has been secure for over two months and no-one noticed.

I am the IT department of a small company. People may notice that something has been improved. The chances of any of them taking the trouble to acknowledge that improvement are low. You are not alone.

[Roderick JenkinsParticipant @roderickjenkins93242]

We did notice, Firefox now automatically logs in. You said it would happen and it did. If you need a pat on the head consider it done.

Rod

[Trevor Crossman 1Participant @trevorcrossman1]

Well I certainly did not notice anything different, but that isn't because I don't care about your efforts Neil, or I'm unobservant ,but is simply because I use three different operating systems ( Apple, Android and W10) on three different devices through each day, and nearly every day something gets updated, or changes, or appears different and I have absolutely no control over that! So the only thing that I bother about is when I make an online purchase,and I then look for the 'padlock' icon before proceeding.

If you've made the Forum better Neil, then thank you !

Trevor

[V8EngParticipant @v8eng]

Sorry Neil I mistook what you were stating and only look for a padlock if purchasing.

Thank you for improving our security.

[Raymond Sanderson 2Participant @raymondsanderson2]

So what you are saying Neil prior that under Chrome the forum wasn't secure but was elsewhere?? Gone the days of just creating a web page and it would work across all browsers then again they were the days we only had Microsoft & Netscape.

[Neil WyattModerator @neilwyatt]

Don't give me any credit…

> So what you are saying Neil prior that under Chrome the forum wasn't secure

No, it's just that of recent year or so it's got fashionable to put the frighteners on people for any non-HTTPS site, even if it doesn't need to be secured. If you don't use the website to share/send data that needs to be kept secure you don't actually need HTTPS.

The forum was technically not as secure as it could have been, but bear in mind that the subscriptions site that handled your money/card details has always been HTTPS

Neil

[Ady1Participant @ady1]

the forum website is not secure

Not secure from what Neil?

I only ask because I've been online for 20 years and still using XP and never had any hassle on forums

Edited By Ady1 on 26/07/2018 00:41:20

[Neil WyattModerator @neilwyatt]

Posted by Ady1 on 26/07/2018 00:39:12:

the forum website is not secure

Not secure from what Neil?

I only ask because I've been online for 20 years and still using XP and never had any hassle on forums

Edited By Ady1 on 26/07/2018 00:41:20

Good question, we've never had a report of a forum user being compromised, but clearly it does happen to some websites.

[Alan VosParticipant @alanvos39612]

Posted by Neil Wyatt on 25/07/2018 23:31:18:

If you don't use the website to share/send data that needs to be kept secure you don't actually need HTTPS.

There is a bit more to it than that. HTTPS gives improved confidence that you are looking at the genuine content from the real website. Imagine a fake version where all the safety advice had been removed and replaced with advice to follow what are actually dangerous practices.

I don't recall seeing a certificate with that many Alt Names before, but all within the rules.

[george AldousParticipant @georgealdous13656]

I remember a couple of months ago not noticing anything different...

sorry couldn't resist.

[OuBallieParticipant @ouballie]

iPad and Safari seamless.

Geoff – Yesterday produced 3.5kg Boerewors.

[Cornish JackParticipant @cornishjack]

Apologies, Neil. Should have remarked the change but only found out recently by accident. My log-on process was to delete the 's' , otherwise Firefox would fail to recognise the address. Brain-fail a couple of days ago and forgot the deletion but it worked!! Anything to ease the load on the diminishing neurons is jolly good – so thanks for the change.

rgds

Bill

[Author]

Posts