Author Topic: SSL (Read 18731 times)

theellimist · « **Reply #16 on:** August 22, 2012, 02:21:48 am »

Quote from: techb on August 21, 2012, 07:17:05 am

The only issue I have with using SSL is links don't point to it. Such as, when I read new posts via /unread it puts me right back into http instead of the SSL. It may be different on a non-mobile device, but I keep getting put back into http.

I haven't noticed this yet. Anyway, totally awesome guys!

ande · « **Reply #17 on:** August 23, 2012, 03:14:50 pm »

Hmm, bad coding on SMF's part.. I could put a small piece of code @ script startup that checks of you are on SSL or not and redirect you if you are not (and you have "enabled" SSL).

Ill see what I can do.

Stackprotector · « **Reply #18 on:** August 27, 2012, 06:36:21 pm »

Ande, lets just ask for SSL.

Simba · « **Reply #19 on:** August 27, 2012, 10:26:09 pm »

Good news! Good to see my suggestion implemented

iTpHo3NiX · « **Reply #20 on:** September 07, 2012, 04:18:27 am »

Quote from: lucid on August 22, 2012, 01:26:41 am

Have you guys heard of HTTPS Everywhere?

Even with this addon, I still find that sometimes I get set back to no SSL... dunno what the issue is... I've tried replicating it, but its a hit or miss... Not sure whats going on... It might be a cache issue though...

Honestly I think SSL should be standard and forced on all sites...

Also just wanted to add that there is no SSL on the upload.evilzone.org, if you try https it wont even load the page (noticed it when I tried loading it with https everywhere)

EDIT:
(like right now, I was SSL when I made this post, but then after I submitted it I went back to noSSL... Not sure whats up with it)

lucid · « **Reply #21 on:** September 07, 2012, 05:28:39 am »

Quote from: skidiot.h on September 07, 2012, 04:18:27 am

Also just wanted to add that there is no SSL on the upload.evilzone.org, if you try https it wont even load the page (noticed it when I tried loading it with https everywhere)

Strange, with HTTPS Everywhere I can load upload evilzone just fine.

iTpHo3NiX · « **Reply #22 on:** September 07, 2012, 09:17:58 am »

Quote from: lucid on September 07, 2012, 05:28:39 am

Strange, with HTTPS Everywhere I can load upload evilzone just fine.

but is it https? I can load it, as long as I don't have the https://upload.evilzone.org

This is what happens when I load https://upload.evilzone.org (check attachment)

s3my0n · « **Reply #23 on:** September 07, 2012, 12:32:24 pm »

Quote from: skidiot.h on September 07, 2012, 04:18:27 am

Even with this addon, I still find that sometimes I get set back to no SSL... dunno what the issue is... I've tried replicating it, but its a hit or miss... Not sure whats going on... It might be a cache issue though...

Honestly I think SSL should be standard and forced on all sites...

Also just wanted to add that there is no SSL on the upload.evilzone.org, if you try https it wont even load the page (noticed it when I tried loading it with https everywhere)

EDIT:
(like right now, I was SSL when I made this post, but then after I submitted it I went back to noSSL... Not sure whats up with it)

Maybe someone is sniffing your traffic with sslstrip ;P

iTpHo3NiX · « **Reply #24 on:** September 07, 2012, 07:54:04 pm »

Quote from: s3my0n on September 07, 2012, 12:32:24 pm

Maybe someone is sniffing your traffic with sslstrip ;P

I can be sure that's not happening

lucid · « **Reply #25 on:** September 07, 2012, 10:24:17 pm »

That's strange. I hadn't noticed it before but that happens to me too. When I go to the ssl version it just takes me to the main page.

Hmmm..

iTpHo3NiX · « **Reply #26 on:** September 08, 2012, 01:21:13 am »

I'm thinking it might be a cache problem... Might have to do that, then flush my dns.

ande · « **Reply #27 on:** September 08, 2012, 01:54:32 am »

I am guessing this is a SMF/Theme problem. This theme and the SMF engine we are using have been hacked up and changed so much that there are probably a few hard coded links around etc. And because of this, I am not going to try to fix it, as this system is gonna get scrapped in not too long.

Conch · « **Reply #28 on:** September 08, 2012, 10:56:32 pm »

Sorry guys if this is a stupid question, but this got me questioning ever since using the SSL-Only IRC.

What are the benefits of using SSL? The only benefit I know of, is if you're on an unencrypted/public network and the traffic can be sniffed, but the SSL headers can also be stripped?

Besides from sniffing, what other precautions are safer over SSL.

Thanks guys.
P.s, Congrats!

lucid · « **Reply #29 on:** September 09, 2012, 04:42:34 am »

Quote from: Conch on September 08, 2012, 10:56:32 pm

Sorry guys if this is a stupid question, but this got me questioning ever since using the SSL-Only IRC.

What are the benefits of using SSL? The only benefit I know of, is if you're on an unencrypted/public network and the traffic can be sniffed, but the SSL headers can also be stripped?

Besides from sniffing, what other precautions are safer over SSL.

Thanks guys.
P.s, Congrats!

Honestly(and quote me if I'm wrong) it's not a perfect thing. It's a good precaution to take but as you said SSL headers can be stripped. Everything has a flaw.

EvilZone

News:

Author Topic: SSL (Read 18731 times)

iTpHo3NiX

Re: SSL

theellimist

Re: SSL

ande

Re: SSL

Stackprotector

Re: SSL

Simba

Re: SSL

iTpHo3NiX

Re: SSL

lucid

Re: SSL

iTpHo3NiX

Re: SSL

s3my0n

Re: SSL

iTpHo3NiX

Re: SSL

lucid

Re: SSL

iTpHo3NiX

Re: SSL

ande

Re: SSL

Conch

Re: SSL

lucid

Re: SSL