Strange URL in topic reply notification

Post Reply New Topic

I clicked on an emailed Topic Reply Notification as usual to open the page on WP, and to my surprise Firefox gave me this message instead:

"Warning: Potential Security Risk Ahead
Firefox detected a potential security threat and did not continue to dev.wrongplanet.net. If you visit this site, attackers could try to steal information like your passwords, emails, or credit card details.
What can you do about it?
The issue is most likely with the website, and there is nothing you can do to resolve it. You can notify the website’s administrator about the problem."

On perusal of the URL, I noticed a prefix to the left of the usual wording:

https://dev.wrongplanet.net/forums/viewtopic.php?f=3&t=399258&p=8842471&e=8842471

I tried removing the prefix (dev.), and thus modified, the URL took me to the correct place without any trouble.

So I'm just wondering, how did that happen? I strongly suspect there was no security threat at all, that it was just an error with the software that sends the notifications, but I guess there's an outside chance that the notification was intercepted and doctored by some rogue website for dishonest purposes. So I thought I'd best let you know.

It's a defunct development version; the security alert is generated because that site's security certificate is only valid for wrongplanet.net, not dev.wrongplanet.net.
Firefox tends to get a bit hysterical announcing these things and as you've discovered, removing the "dev." part restores sanity.

These "dev." alerts appear because links were posted while the dev. site was active, thus promoting a site which shouldn't really have become public. Nothing sinister - it's just that the forum software on that site was under development and might have introduced errors as a result; it wasn't considered stable enough for public use until testing was completed.

Unfortunately the dev. site ran in parallel and used the same posts database as the non-dev version so instances of that address form are scattered throughout it and consequently, update alerts using "dev." are likely to continue popping up occasionally until the related threads eventually fade away due to age and lack of interest, and updates die off.
Which can't come soon enough.

I see. Thanks for the explanation. Good to know it wasn't a hack.