Why is there no site certificate?
Empathy
Veteran
Joined: 30 Aug 2015
Gender: Female
Posts: 1,548
Location: Sovereign Nation & Commonwealth
Because its free the owner hires volunteers to make his own rules for him and if anyone says anything like using their knowledge of free speech, they wait until they slip up so moderators get involved to use unecessary force to limit their rights in the future by making them look stupid and underage volunteers can jest and play around with people who they don't think that much of. (opinionated voice voided to suit their bland insinuations)
To break it down though, no one has any money and all free resources are supposed to be enahnced by the users settings for advanced protection. Failure of communication is therefore null before being exposed.
leejosepho
Veteran
Joined: 14 Sep 2009
Gender: Male
Posts: 9,011
Location: 200 miles south of Little Rock
^^ A mere opportunistic rant having nothing whatsoever to do with why this site does not have https set as its default!
The certificate actually already exists and anyone can use https manually. Only Alex could say why he does not make https the default, but my guess is that he does not see it as being necessary since there is nothing other than usernames and passwords to protect, and only during login.
_________________
I began looking for someone like me when I was five ...
My search ended at 59 ... right here on WrongPlanet.
==================================
Empathy
Veteran
Joined: 30 Aug 2015
Gender: Female
Posts: 1,548
Location: Sovereign Nation & Commonwealth
The certificate actually already exists and anyone can use https manually. Only Alex could say why he does not make https the default, but my guess is that he does not see it as being necessary since there is nothing other than usernames and passwords to protect, and only during login.
There is a certificate but it is insecure, anyone with proxy sense and know how can see into it and check for site encryption, which it doesn't as it would be expensive and need qualified handlers to check and moderate the site frequently and with tact.
Why am I continually misquoted or misunderstood?! I'm allowed to quote a member question and I'll do so even if you've been here for more or less than ten years, its annoying that some would justify their behaviour as being ethical when their morals spek volumes otherwise.
leejosepho
Veteran
Joined: 14 Sep 2009
Gender: Male
Posts: 9,011
Location: 200 miles south of Little Rock
Then why did you ask why there is no certificate, and what do you mean by the certificate being "insecure"? Also, and while admitting I might be confusing some things or terms unwittingly while showing some ignorance, the fact remains that https (encryption for login or whatever) actually *is* available if people want to manually add the 's' in the address bar.
As far as overall site security is concerned, I highly doubt this site is vulnerable to intrusion. I am no expert in all of this stuff, but I have domains of my own at a BlueHost VPS account with a firewall and plenty of solid .htaccess where I have never had an intrusion, and I am quite certain this site has all of that and even more to protect itself and its visitors/users from external attack.
_________________
I began looking for someone like me when I was five ...
My search ended at 59 ... right here on WrongPlanet.
==================================
Empathy
Veteran
Joined: 30 Aug 2015
Gender: Female
Posts: 1,548
Location: Sovereign Nation & Commonwealth
Then why did you ask why there is no certificate, and what do you mean by the certificate being "insecure"? \
As far as overall site security is concerned, I highly doubt this site is vulnerable to intrusion. I am no expert in all of this stuff, but I have domains of my own at a BlueHost VPS account with a firewall and plenty of solid.
Listen up, the origins of this planets database, state otherwise. The OP wasn't talking about access, he was discussing why the site does not havd a valid certificate, anybody can look it up on any norton sercurity scan setting or cloudfare operating system. Hacking, which brings the site down on malware and insecure encryption intrusion..are added for the ads and pop ups, made via the forums mass funding distributors who invalidate everything, based on cashing in on their resources.
Please inform Alex if you have come forth bearing fruit, any valuable information would be good for the site and its leader.
The site has a valid ssl certificate.
_________________
I'm Alex Plank, the founder of Wrong Planet. Follow me (Alex Plank) on Blue Sky: https://bsky.app/profile/alexplank.bsky.social
Empathy
Veteran
Joined: 30 Aug 2015
Gender: Female
Posts: 1,548
Location: Sovereign Nation & Commonwealth
I can't understand what you're asking but if you're browsing the site over SSL, it's secure. Make sure to use HTTPS. https://wrongplanet.net
_________________
I'm Alex Plank, the founder of Wrong Planet. Follow me (Alex Plank) on Blue Sky: https://bsky.app/profile/alexplank.bsky.social
Empathy
Veteran
Joined: 30 Aug 2015
Gender: Female
Posts: 1,548
Location: Sovereign Nation & Commonwealth
Alex, Everyone knows the SSL,and thats the problem. You may have stopped sharing it now, but other cloudfare user scripts were over-riding this once and that's most likely where the spam has originated itself from.
It is only secure if users protect themselves from the sites encryption probs, you've had to deal with it too, so you know. No point in hiding behind the curtain.
The bigger a network, the more safety risks posed, so users like me had to use encryption on our androids to stop the threat of the harmful web bugs. You only have to agree with your aliases but haven't had to share the bait(us) with them.
This may have happened to me a while back, before I reset it but its ok just on a tablet now.http://www.techrepublic.com/article/enc ... -security/
Have you seen this?https://www.comodo.com/ssl-certificate-auto-installer/?key5sk1=1a0cc5ecbcc77c7cb5bbcba5043e1dafd9891bd4#_ga=2.112788288.514410999.1498959162-52339879.1498959162
Don't know the price, but it's worth finding out..if you change your mind.
Empathy
Veteran
Joined: 30 Aug 2015
Gender: Female
Posts: 1,548
Location: Sovereign Nation & Commonwealth
That's also what i keep saying. We the users are trying to support site admin a bit too. Try a few SSLs and see what comes of it. I've left a bold one open for some advice and free input.
Purchase a new SSL certificate
Only the Comodo certificate provided in this process is supported in FileMaker Cloud. If you choose to use a different SSL certificate, be sure to test it before going into production.
Use a certificate tool such as OpenSSL to create a certificate signing request (CSR) for your domain name, along with a corresponding private key file. By default, these files are created in your home folder as "myserver.key" (private key) and "server.csr" (CSR). Specify your domain name, email address and company name during CSR creation.
In the Cloud Console (https://<yourdomain>/console#/login), go to Configuration > SSL Certificates, and click "Purchase Comodo Certificate" to begin Comodo's SSL purchase process.
Note: If the trial SSL certificate has expired, you cannot access the Cloud Console in Safari using the hostname. As a workaround, use a differnet browser or use the instance's IP address until the SSL certificate is renewed.
Following Comodo's on-screen prompts, provide information including:
The contents of the CSR created in step #1. Open the CSR in a text editor and copy the entire contents into the space provided on Comodo's page.
Select "Other" as the server software used to generate the CSR.
Select the number of years the certificate will be valid for (1, 2, or 3).
Select your DNS email address for domain validation to verify that you are the owner of the domain specified in the CSR.
An email will be sent to your new DNS email account. Login through the DNS registrar's website to manage this account and acknowledge the domain validation email from Comodo.
[email protected]
I have no idea what you're talking about. As I said, if you access the site via SSL, you will have a secure connection. If you access the site over normal http, obviously it's not encrypted.
_________________
I'm Alex Plank, the founder of Wrong Planet. Follow me (Alex Plank) on Blue Sky: https://bsky.app/profile/alexplank.bsky.social
The site IS using SSL and your connection to and from the site IS secure. The warning you're getting is because the site isn't going through a third-party vendor for the SSL certificate. All a third-party SSL does is offer third party validation that the site is what it says it is. Browsing a few posts here is all it should take for you to accept that this is indeed the legitimate WP. Some browsers go apeshit crazy over 3rd party SSL, it so happens they also have business deals with third-party SSL vendors. Long story short: you're getting that warning because WP isn't paying third-party scam artists to turn it off, and that's the only reason.
Empathy
Veteran
Joined: 30 Aug 2015
Gender: Female
Posts: 1,548
Location: Sovereign Nation & Commonwealth
Exactly Aristophanes, thanks for quoting me,I was referring actually to third party SSLs, and the link with Cloudfare and modern encrypted browsers. Maybe thats changed now..
And.., as I said, i was having these problems that others had shared and also, a certain someone said that you
couldn't adjust the SSL with the TCP or IPs for foreign servers. (Like in the U.K).
So, maybe someone can please clarify my modest input for what it is.
That's maybe because you'd rather not listen to the females of W.P.
How comes you aborted Cloudfare? surely its supposed to enhance encryption levels but the downside is it slows down internet providers, such as mine and other peoples.
Exactly Aristophanes, thanks for quoting me,I was referring actually to third party SSLs, and the link with Cloudfare and modern encrypted browsers. Maybe thats changed now..
And.., as I said, i was having these problems that others had shared and also, a certain someone said that you
couldn't adjust the SSL with the TCP or IPs for foreign servers. (Like in the U.K).
So, maybe someone can please clarify my modest input for what it is.
That's maybe because you'd rather not listen to the females of W.P.
How comes you aborted Cloudfare? surely its supposed to enhance encryption levels but the downside is it slows down internet providers, such as mine and other peoples.
There's too many issues out there, we were bound to agree on something at some point, as distasteful as that may seem.
Empathy
Veteran
Joined: 30 Aug 2015
Gender: Female
Posts: 1,548
Location: Sovereign Nation & Commonwealth
And.., as I said, i was having these problems that others had shared and also, a certain someone said that you
couldn't adjust the SSL with the TCP or IPs for foreign servers. (Like in the U.K).
I just hope for mine and everyones sakes out there, that cloudfare issues have been aborted for good so that no more site encryption can take place on any browser or displaced ruminage of the site.
I guess my qsts have interfered too much with the sites official stamped ownership now, by biting off more than is deemed necessary for an average user like me. Clearly an interest that affects U.k users is deemed out of bounds, but I have an old Ideapad, and it's more than equipped to beat off the old controversies and former ways of this sites processes and protocols.
And also, Cloudfare is just a bargaining chip for other shared site users out there, to access CPU caches that steals encryption.
I'm sure as a computer systems web programmer, you've done and tidied all your research already, but some more input can't be ruled out, not when all these problems are still coming up on other threads, like the not logging in straight away, resubmitting forms,check your browser again, even on InPrivate browsing it is against, so you must have used some double layered spam filtering for that, and maybe the spell checker was taken away because it used other means of invisible encryption.
http://searchcloudsecurity.techtarget.c ... d-security
Anyway..Carry on at your convenience