Announcement

Collapse
No announcement yet.

Security Certificate Issue.

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • DemOnstar
    replied
    Originally posted by snakes1100 View Post
    The ~ isnt a issue, its the way this account is being rewirtten on the URL when you visit https://www.mightymoiety.com

    These do work https://www.mightymoiety.com/activity.php & http://www.mightymoiety.com/activity.php w/ the exception of the css issue for your style.

    It appears that someone has either set a redirect to https://www.mightymoiety.com/~mightyn0/activity.php or improperly setup the account on the server.
    I am totally baffled at this point.....

    css issue?

    My site is down now and has been for 6 hours.....

    Thank you snakes 1100, you are truly outstanding.... I have no real idea of what is going on and I have been sat at my computer for 12 hours now and find it all very confusing.... Time to sleep my friend.... Tomorrow I will be back to see the next installment in this uploading episode....

    Outstanding individual of the month award goes to you.....

    Leave a comment:


  • snakes1100
    replied
    The ~ isnt a issue, its the way this account is being rewirtten on the URL when you visit https://www.mightymoiety.com

    These do work https://www.mightymoiety.com/activity.php & http://www.mightymoiety.com/activity.php w/ the exception of the css issue for your style.

    It appears that someone has either set a redirect to https://www.mightymoiety.com/~mightyn0/activity.php or improperly setup the account on the server.

    Leave a comment:


  • DemOnstar
    replied
    It wasn't an issue to me either this (~) thing but I don't recall ever seeing that in any other url....and since it has been pointed out and remarked upon, I begin to think it may well be an issue...
    But if you tell me it is not an issue, I will believe you instantly.... Your knowledge of these things way outweighs mine.....

    Leave a comment:


  • snakes1100
    replied
    As this is a cpanel server the ~ is not a issue, but is in fact a compiled in setting for vhosting on that server.

    Ie...
    hostname.mightymoi.com/~mighty1 = Is actually myotherdomain.com
    hostname.mightymoi.com/~mighty2 = Is actually another domain my2nddomain.com
    hostname.mightymoi.com/~mighty3 = Is my3rddomain.com
    hostname.mightymoi.com/~mighty4 = Is my4thdomain.com
    hostname.mightymoi.com/~mighty5 = Is my5thdomain.com

    Etc, this can be used for many things including old style IP based hosting, but can also create a way for clients to bypass BW limits. It can also be used for effectively testing between DNS changes.

    Leave a comment:


  • DemOnstar
    replied
    Originally posted by Stallyon View Post
    There's still some issues with your Apache config that obviously needs fixing. The tilde (~) should not be coming up in the address.
    I noticed the tilde also but my knowledge of these things is miniscule. I didn't know what it was there for... Apache related?
    As far as root access is concerned, I may not understand clearly what you mean. As far as I understand root access is I have access to the forum root via filezilla.
    I fear now that you are talking about something completely different....

    I bought webspace, I uploaded VB, I bought the ssl and dedicated IP. I have configured nothing. It doesn't really appear to be that easy to create an online presence....

    So now I have to look into Apache config? Wow.. I have absolutely no idea what that is about.....

    Could you tell me more? Is it something to do with mod_rewrite as I have seen this thing floating around somewhere....

    Thanks....Very good.....

    Leave a comment:


  • Stallyon
    replied
    There's still some issues with your Apache config that obviously needs fixing. The tilde (~) should not be coming up in the address. I'm just a little confused that you have root access on a shared server. Is it a VPS or cloud? Root access is usually only on dedicated, VPS and cloud servers otherwise everyone would be messing with the httpd.conf file, etc.

    Leave a comment:


  • DemOnstar
    replied
    I think I just bought a ssl cert and dedicated IP, shall see how that goes....

    The whole process of buying software, customizing, looking for mods, buying webspace and now this ssl stuff is a total pain.... I don't think I will be doing it again.

    Thanks snakes1100, you have helped me with a couple of issues, much appreciated....

    Leave a comment:


  • snakes1100
    replied
    Your going to be presented with a message from browsers if the cert is actually invalid, also if its a "self signed cert" you created on the server, self signed server certs, regardless of it being even 2048 bit, will still trigger that msg in IE

    Leave a comment:


  • DemOnstar
    replied
    Originally posted by Stallyon View Post
    I will give you two things to try. Firstly, do you have root access? Let me know if you're on a shared server. Do you have cPanel or something similar?
    I have root access yes. I am on a shared server also (Justhost.com). And I do have cPanel....

    I bought the certificate and the dedicated IP. Currently site is down due to some DNS related procedure...
    4 hours they estimate.

    Thanks...
    Last edited by DemOnstar; Mon 12th Aug '13, 3:40am.

    Leave a comment:


  • durruti
    replied
    This is certainly a technical issue with the host.
    Anyway, I've sent you a PM.

    Leave a comment:


  • Stallyon
    replied
    I will give you two things to try. Firstly, do you have root access? Let me know if you're on a shared server. Do you have cPanel or something similar?
    Last edited by Stallyon; Sun 11th Aug '13, 3:11am.

    Leave a comment:


  • DemOnstar
    replied
    I don't need https but it seems that the default for 4.2.1. And yes, it is complicated but may prove useful as the site isn't ready yet. Live but not ready. For the time being, I don't really mind the security issue but later, I need to get rid of it. As ever Joe, thanks for the support. I could go further but these are sensitive times. Cheers.

    Leave a comment:


  • Joe D.
    replied
    Setting it to no is actually what I do for my VB4 site because I have a main domain name, and a secondary one pointed to the same forum installation. You may need to add he additional domain to the redirect domain whitelist in settings to allow people to log in from either. Facebook app need to be updated to work on both domains if you use Facebook Connect.

    If you don't need https it seems like complicating something for no reason though.

    Leave a comment:


  • DemOnstar
    replied
    Originally posted by Joe D. View Post

    Ask them exactly what URL the SSL certificate is registered to?
    They told me it was issued to the server and suggested it was something in my site that caused it or needs editing.

    Originally posted by Joe D. View Post
    Did you buy it yourself?
    I didn't think I needed one. I am not dealing in money, credit cards etc....

    Originally posted by Joe D. View Post
    If you change it to NO it will use whatever URL you browse in on but I'm not sure if it will break. You could try setting it to No.
    I changed it to no and it seemed ok.... I also tried removing the s in https://www.mightymoiety.com/~mightyn0 but it affected to css so I had to restore again.
    How will setting it to no affect it everything else?

    Thanks for your help Joe...

    Leave a comment:


  • Joe D.
    replied
    The Admin CP pages don't use stylevars so they will get the file called favicon.ico in your website root directory, Your front end pages use stylevar so they will get whatever fav icon you specified in image paths in the stylevar editor.

    You need to make sure both of these are the same files if you care about the favicon in the admincp (or modcp for that matter.) This is the same as in VB5.

    As for the "forces https" response I really don't understand, if it is a secure page it has to be displayed via https, there is no choice in the matter.

    Ask them exactly what URL the SSL certificate is registered to?

    Did you buy it yourself? If you didn't they may be trying to piggyback your site onto their SSL certificate which may not work.

    My guess is they mean the setting - In Admin CP -> Settings -> Options - Site Name / URL / Contact Details -> Always use Forum URL as Base Path. By default this is set to YES. It fores the correct URL to be used every time. If you change it to NO it will use whatever URL you browse in on but I'm not sure if it will break. You could try setting it to No.
    Last edited by Joe D.; Fri 26th Jul '13, 1:55pm.

    Leave a comment:

Related Topics

Collapse

Working...
X