Please support your Forums and purchase some Merchandise

Welcome, Guest. Please login or register.

News: Read Off-road destination Tips :cup: in Trips Old and Planning!

Please register to join the community and see all of the OzIsuzu Forums
SimplePortal 2.3.7 © 2008-2024, SimplePortal

Author Topic: Forum Security Error  (Read 8649 times)

0 Members and 1 Guest are viewing this topic.

Offline DannyG

  • Administrator
  • XRunner Member
  • *****
  • Join Date: Oct 2014
  • Location: Tasmania
  • Posts: 2609
  • Thanked: 321 times
    • DannyG.com
Forum Security Error
« on: Jul 02, 2020, 12:37:36 PM »
Apologies to anyone effected by the security certificate error we had today.

Our site security certificate is set to auto renew, which it did, however I didn't realise I had to update the site to use the newly renewed certificate.

All sorted now. There was no threat even though some browsers will suggest there was, they do that purely because they see that the certificate was expired.
"People will forget what you said, they will forget what you did, but people will never forget how you made them feel"

 
The following users thanked this post: monbeg, Mike C, sdouglas, Jonno, Pete57, jack-fc, sharkcaver

Offline Bob

  • XRunner Member
  • *****
  • Join Date: Dec 2014
  • Location: Baldivis WA
  • Posts: 2194
  • Thanked: 390 times
  • Car Type: DMAX
  • 2014 LST Auto
Re: Forum Security Error
« Reply #1 on: Jul 02, 2020, 12:45:57 PM »
Thanks Danny, I knew you would be onto it. :occasion14:
2014 LST Ash Beige. SMM Steel canopy, Outback Drawers, dual battery with 2 x 160W solar panels (keeps the beers nice and cold), 135L tank, TJM T15 alloy bar with Xray-vision LED lights, Dumbo Clearview Mirrors. The ultimate tow truck.
 

Offline DannyG

  • Administrator
  • XRunner Member
  • *****
  • Join Date: Oct 2014
  • Location: Tasmania
  • Posts: 2609
  • Thanked: 321 times
    • DannyG.com
Re: Forum Security Error
« Reply #2 on: Jul 17, 2022, 07:52:00 PM »
Hi Guys

Some will have noticed our security certificate has expired again and Its happened while I am away  :sad10:

Ill sort it out later in the week when I have time to work through the process of updating the site to see the new certificate.

Sorry for any inconvenience. Your user information is safely stored in an encrypted database so its causing no harm.

"People will forget what you said, they will forget what you did, but people will never forget how you made them feel"

 

Offline WAI4WD

  • XRunner Member
  • *****
  • Join Date: Apr 2021
  • Location: Richmond Melbourne
  • Posts: 1102
  • Thanked: 303 times
  • Car Type: DMAX
    • Wife & I 4WD
Re: Forum Security Error
« Reply #3 on: Jul 17, 2022, 09:01:30 PM »
Your user information is safely stored in an encrypted database so its causing no harm.
No its not, just FYI. Simple Machines DB is not encrypted. Using SSL does not encrypt DB data. SSL encrypts content being sent between the user and the server. All data at both ends is plain text. All the info in the server DB is there for the taking if hacked. Edit: Quick search, SMF it seems still only use SHA-1 for password hashing, which is broken and completely insecure for even storing passwords.

Have you looked at using Cloudflare? Free CDN, free SSL, DDOS, and much more. All free. You don't have to worry about renewing SSL, as you download their SSL to secure between your server and cloudflare, then Cloudflare auto renew freely the user cert between the browser and cloudflare. The fastest DNS of all providers. It will dramatically improve speed and performance of this site for all users.
X-Terrain 2021 with a long list of to-do's.
 

Offline Bob

  • XRunner Member
  • *****
  • Join Date: Dec 2014
  • Location: Baldivis WA
  • Posts: 2194
  • Thanked: 390 times
  • Car Type: DMAX
  • 2014 LST Auto
Re: Forum Security Error
« Reply #4 on: Jul 18, 2022, 03:04:41 PM »
Came good for a while but is now doing it again :BangHead:
2014 LST Ash Beige. SMM Steel canopy, Outback Drawers, dual battery with 2 x 160W solar panels (keeps the beers nice and cold), 135L tank, TJM T15 alloy bar with Xray-vision LED lights, Dumbo Clearview Mirrors. The ultimate tow truck.
 

Offline yvesjv

Re: Forum Security Error
« Reply #5 on: Jul 19, 2022, 04:56:44 AM »
Confirmed.
Saw it as I connected this morning.
Looks like a Sectigo cert on Godaddy.
https://sectigostore.com/page/how-to-install-sectigo-ssl-on-godaddy/

bash-5.1$ openssl s_client -showcerts -connect ozisuzu.com.au:443
CONNECTED(00000003)
depth=2 C = US, ST = New Jersey, L = Jersey City, O = The USERTRUST Network, CN = USERTrust RSA Certification Authority
verify return:1
depth=1 C = GB, ST = Greater Manchester, L = Salford, O = Sectigo Limited, CN = Sectigo RSA Domain Validation Secure Server CA
verify return:1
depth=0 CN = www.ozisuzu.com.au
verify error:num=10:certificate has expired
notAfter=Jul 16 23:59:59 2022 GMT
verify return:1
depth=0 CN = www.ozisuzu.com.au
notAfter=Jul 16 23:59:59 2022 GMT
verify return:1
---
Certificate chain
 0 s:CN = www.ozisuzu.com.au
   i:C = GB, ST = Greater Manchester, L = Salford, O = Sectigo Limited, CN = Sectigo RSA Domain Validation Secure Server CA
-----BEGIN CERTIFICATE-----
MIIGPDCCBSSgAwIBAgIQElr48cw1+7GrkrFlHq14XzANBgkqhkiG9w0BAQsFADCB
jzELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G
A1UEBxMHU2FsZm9yZDEYMBYGA1UEChMPU2VjdGlnbyBMaW1pdGVkMTcwNQYDVQQD
Ey5TZWN0aWdvIFJTQSBEb21haW4gVmFsaWRhdGlvbiBTZWN1cmUgU2VydmVyIENB
MB4XDTIwMDcwMjAwMDAwMFoXDTIyMDcxNjIzNTk1OVowHTEbMBkGA1UEAxMSd3d3
Lm96aXN1enUuY29tLmF1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA
z574jnrYV1o1ybc8iFAdTZKLNhotnwmePznfXQ2yLunvgn6J0mRxv4Uj49OrvwI+
RoaXP74SWJTAHZiROPmM7vdb2l95/D5V6Ae1xK5AqNQzFjU5e8NawYY+H0Yeab61
pg0h4tE27vlrek5G5PHRivny67ZwGCEy3PrNDJLw2ii7AKkZ+G1WIlSNZeelEqfq
AqY/1O6maXElNXYhiQOoMRTvuSL1J3Dd8Tc89u4+kjwrm+lqbmqeSXCp/ZEeRe4C
JTH0m9B/jJ3fP2fusDWwjtDU5za2mvxu7DtJG8HVKAo/dx5d1LOlPHemb1bdL1Rs
qLC5uyGOYwj0qc05KIsiwwIDAQABo4IDAzCCAv8wHwYDVR0jBBgwFoAUjYxexFSt
iuF36Zv5mwXhuAGNYeEwHQYDVR0OBBYEFDvFW4aF4kkMSSF4os/RehFM9ZqXMA4G
A1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMB
BggrBgEFBQcDAjBJBgNVHSAEQjBAMDQGCysGAQQBsjEBAgIHMCUwIwYIKwYBBQUH
AgEWF2h0dHBzOi8vc2VjdGlnby5jb20vQ1BTMAgGBmeBDAECATCBhAYIKwYBBQUH
AQEEeDB2ME8GCCsGAQUFBzAChkNodHRwOi8vY3J0LnNlY3RpZ28uY29tL1NlY3Rp
Z29SU0FEb21haW5WYWxpZGF0aW9uU2VjdXJlU2VydmVyQ0EuY3J0MCMGCCsGAQUF
BzABhhdodHRwOi8vb2NzcC5zZWN0aWdvLmNvbTAtBgNVHREEJjAkghJ3d3cub3pp
c3V6dS5jb20uYXWCDm96aXN1enUuY29tLmF1MIIBfQYKKwYBBAHWeQIEAgSCAW0E
ggFpAWcAdQBGpVXrdfqRIDC1oolp9PN9ESxBdL79SbiFq/L8cP5tRwAAAXMNT0q9
AAAEAwBGMEQCIEJMbm1nSG/jOBzd3NeiFJE2wls6eSI8ip8zmvDaWEL4AiAFtdw3
5ts17yjFOGdaTIeuVfYN8CMb8iptH9DBb+qTIgB2AN+lXqtogk8fbK3uuF9OPlrq
zaISpGpejjsSwCBEXCpzAAABcw1PS2IAAAQDAEcwRQIgMNbQ4hR1U+B5OSOc4UZM
S132BHFW/kPidL4vEuT9o9wCIQDcduG7GXSv/TVisV9YpB0yA+YqbJv259KzMjMa
bWZs4gB2AG9Tdqwx8DEZ2JkApFEV/3cVHBHZAsEAKQaNsgiaN9kTAAABcw1PURYA
AAQDAEcwRQIgWz7UOzF9bcoYYGYKH7QOyK4JquFkDjOcKbH/YHsN7JECIQCxHmAO
ANDmwDSv0flEP4mIExv6IKkUmR2qOYg+/FYhjTANBgkqhkiG9w0BAQsFAAOCAQEA
hA4t3noB1Cvbk50vuwLjNFIJAFUdNCdeDNkqZh+oGBDCBDcSB7vUmBt2oXdaZNwy
Lthikvqs/VaHgc1KpukI4+k8XGGAAOl0GcnJ+63A/XZn9onShRaH6htVup+TWSdp
Jk5lmYgVO1RygOgHP6WVAC7JqbCQEsYGf69zAKuT6WH+GPt/kiIr6GagiTfXhzDE
IuWrGulUznCUgsSx+vJJ1QKCLtVDK8hm4Gq+LlAeWymTsi0gGL/xQjxZtB+U5kX6
YY5jzWuFDqxsQBL51zWkco2xlAwje3VbKTX+KFJ4sRQR7eRfQnQtBYiOCSw8355s
mGumIr2WQzXucfqq6vK8UA==
-----END CERTIFICATE-----


 

Offline DannyG

  • Administrator
  • XRunner Member
  • *****
  • Join Date: Oct 2014
  • Location: Tasmania
  • Posts: 2609
  • Thanked: 321 times
    • DannyG.com
Re: Forum Security Error
« Reply #6 on: Jul 19, 2022, 10:49:41 AM »
I think I have fixed the issue.

Im not great at this type of thing so can I please get someone to verify that we are now up to date and the https side of the forums is working as it should please?

Thanks and sorry for any inconvenience.
"People will forget what you said, they will forget what you did, but people will never forget how you made them feel"

 

Online pig75

Re: Forum Security Error
« Reply #7 on: Jul 19, 2022, 11:22:57 AM »
working now
90MU, 91MU ute & 92MU, 96 Wizard, 2019 Dmax LSU, 2014 MUX LST

If beef is in beef mince what is in pet mince
 

Offline yvesjv

Re: Forum Security Error
« Reply #8 on: Jul 22, 2022, 12:39:19 PM »
Valid for another year.
Subject   ozisuzu.com.au
Valid from 19/Jul/2022 to 19/Aug/2023
Issuer   Sectigo RSA Domain Validation Secure Server CA
 

Offline DannyG

  • Administrator
  • XRunner Member
  • *****
  • Join Date: Oct 2014
  • Location: Tasmania
  • Posts: 2609
  • Thanked: 321 times
    • DannyG.com
Re: Forum Security Error
« Reply #9 on: Jul 22, 2022, 04:19:58 PM »


Have you looked at using Cloudflare? Free CDN, free SSL, DDOS, and much more. All free. You don't have to worry about renewing SSL, as you download their SSL to secure between your server and cloudflare, then Cloudflare auto renew freely the user cert between the browser and cloudflare. The fastest DNS of all providers. It will dramatically improve speed and performance of this site for all users.

Hi sorry I missed this. I am a complete numpty on this type of thing so I have no idea what you are talking about  ;D But it sounds like my price range....... I just dont know what to do  :evil6:
"People will forget what you said, they will forget what you did, but people will never forget how you made them feel"

 

Offline WAI4WD

  • XRunner Member
  • *****
  • Join Date: Apr 2021
  • Location: Richmond Melbourne
  • Posts: 1102
  • Thanked: 303 times
  • Car Type: DMAX
    • Wife & I 4WD
Re: Forum Security Error
« Reply #10 on: Jul 22, 2022, 06:45:10 PM »
Cloudflare is the largest DNS provider, which just happens to come with CDN and lots of other free features. Paid plans have more, but you don't need them for basic website management.

You create a cloudflare account.

You change your domain DNS to point at cloudflare instead of at your server.

You point cloudflare DNS to your server. Most domain registrars don't provide full DNS control nowadays, cloudflare does, FREE.

When the domain is picked up in cloudflare (takes about a minute or two), you can then create an Origin SSL, which is typically 15 years. That is the SSL that secures between your server and cloudflare. Cloudflare automatically manage your front facing SSL, which will be a wildcard certificate securing many client sites of theirs, but exactly the same as what you use now.

That's it.

Other than the many other options you can play with to improve the speed and performance of your sites loading via cloudflare.

You don't need to generate a CSR or anything on your server, you can do it all on cloudflare and just copy paste it over your existing file locations, depending on what you're using (NGINX or Apache).
X-Terrain 2021 with a long list of to-do's.
 

Offline DannyG

  • Administrator
  • XRunner Member
  • *****
  • Join Date: Oct 2014
  • Location: Tasmania
  • Posts: 2609
  • Thanked: 321 times
    • DannyG.com
Re: Forum Security Error
« Reply #11 on: Jul 23, 2022, 08:11:22 AM »
Cloudflare is the largest DNS provider, which just happens to come with CDN and lots of other free features. Paid plans have more, but you don't need them for basic website management.

You create a cloudflare account.

You change your domain DNS to point at cloudflare instead of at your server.

You point cloudflare DNS to your server. Most domain registrars don't provide full DNS control nowadays, cloudflare does, FREE.

When the domain is picked up in cloudflare (takes about a minute or two), you can then create an Origin SSL, which is typically 15 years. That is the SSL that secures between your server and cloudflare. Cloudflare automatically manage your front facing SSL, which will be a wildcard certificate securing many client sites of theirs, but exactly the same as what you use now.

That's it.

Other than the many other options you can play with to improve the speed and performance of your sites loading via cloudflare.

You don't need to generate a CSR or anything on your server, you can do it all on cloudflare and just copy paste it over your existing file locations, depending on what you're using (NGINX or Apache).


Thanks for the info, way too complicated for me. I have no idea about dns's or how to point them sorry. Ive paid for the SSL thingy for a 2 or 3 years in advance now so I think I have to just leave it for now.
"People will forget what you said, they will forget what you did, but people will never forget how you made them feel"

 

Offline yvesjv

Re: Forum Security Error
« Reply #12 on: Jul 23, 2022, 10:19:10 AM »
Totally agree with clodflare except for the use of the wildcard certificate.
If you just happen to share that wildcard cert and with 'bad neighbours' sharing the same IP from the provider, you will be blocked... period
We use umbrella dns and see totally legit sites blocked because of 'bad neighbours'.

Long explanation:
https://umbrella.cisco.com/blog/websites-and-bad-neighbors
 

Offline WAI4WD

  • XRunner Member
  • *****
  • Join Date: Apr 2021
  • Location: Richmond Melbourne
  • Posts: 1102
  • Thanked: 303 times
  • Car Type: DMAX
    • Wife & I 4WD
Re: Forum Security Error
« Reply #13 on: Jul 23, 2022, 11:42:15 AM »
Totally agree with clodflare except for the use of the wildcard certificate.
If you just happen to share that wildcard cert and with 'bad neighbours' sharing the same IP from the provider, you will be blocked... period
Not how it works with Cloudflare. SSL is being assigned to cloudflare IP's, none of which are EVER considered bad as Cloudflare IP's are considered tier connections. The cert issued by Cloudflare for your server, is between you and cloudflare only, NOT the visitor. Any bad neighbour server IP has ZERO impact on SSL or IP blocks. You can't impact another user with Cloudflare. Bad neighbours (server IP's) are typically associated to email spam, nothing else.

Never read about this being an issue using Cloudflare due to how they're system works. Their DNS is the fastest in the world to date for good reason.

Oh, and to use the cloudflare free SSL system, you have to use cloudflare DNS, you can't bypass it within the DNS settings, pointing back to forward facing SSL using cloudflare only IP's not origin IP's.
X-Terrain 2021 with a long list of to-do's.
 

Offline yvesjv

Re: Forum Security Error
« Reply #14 on: Jul 24, 2022, 03:29:06 AM »
Looked it up, they use nginx.
Guess it's all go for Danny to migrate to Cloudflare then.
 

 

SimplePortal 2.3.7 © 2008-2024, SimplePortal