Aurora 4x
Off Topic => Off Topic => Topic started by: Snoman314 on November 05, 2023, 08:51:19 AM
-
I've been having trouble accessing the Wiki lately, then I noticed this (see attached screenshot).
-
try accessing w/o https.
-
Now the forum's SSL certificate has expired as well. My ISP blocks connections with expired certificates, so it doesn't matter what browser settings I try. So I'm no longer able to access the forum, unless I use my phone with the WiFi turned off, to use mobile data. I don't normally access the forum on my phone, and just typing this email out is a pain. But I wanted to make sure someone was tracking the issue.
I'll check back periodically to see if I can access the forums but this'll likely be the last you hear from me until the issue is resolved.
-
If you guys are having problems I can set up certs for you, its not that hard...
-
I've bitten the bullet and paid for a VPN subscription, so I'm back to enjoy the new updates! That said, hopefully this issue gets resolved as having the site blocked for people not in the know, just when a new version is coming out, isn't the best...
-
You don't need a VPN... all you need is to use HTTP rather than HTTPS when browsing the forums. Or do you have some other issues?
-
You don't need a VPN... all you need is to use HTTP rather than HTTPS when browsing the forums. Or do you have some other issues?
It sounds like some people's browsers (notably Chrome) won't allow accessing the HTTP sites anymore.
I do wonder if Erik could chime in about why we have not moved to HTTPS given that it is increasingly a problem for people, I think I saw that it costs extra money but I am not the person who would know. If that is the case perhaps a holiday season donation run would be productive...
-
You don't need a VPN... all you need is to use HTTP rather than HTTPS when browsing the forums. Or do you have some other issues?
It sounds like some people's browsers (notably Chrome) won't allow accessing the HTTP sites anymore.
I do wonder if Erik could chime in about why we have not moved to HTTPS given that it is increasingly a problem for people, I think I saw that it costs extra money but I am not the person who would know. If that is the case perhaps a holiday season donation run would be productive...
Well, I'm currently using mostly Chrome and can browse the forum with HTTP, but I do understand that it is a problem for some people. It clearly would be better if HTTPS would work. There also is a cost involved with having a public certificate.
-
Yeah my Chrome has no problems visiting the site.
-
You don't need a VPN... all you need is to use HTTP rather than HTTPS when browsing the forums. Or do you have some other issues?
Based on my conversations with them elsewhere, Snoman has a somewhat unique use case where the block on expired cert websites is at the ISP level. I've never heard of that happening, personally, but it's not difficult to imagine what they're saying is true.
Regardless, updating the website's certificate really shouldn't be too difficult - we just need to find the person who has the credentials to do it and bother them about it.
-
You don't need a VPN... all you need is to use HTTP rather than HTTPS when browsing the forums. Or do you have some other issues?
Based on my conversations with them elsewhere, Snoman has a somewhat unique use case where the block on expired cert websites is at the ISP level. I've never heard of that happening, personally, but it's not difficult to imagine what they're saying is true.
Regardless, updating the website's certificate really shouldn't be too difficult - we just need to find the person who has the credentials to do it and bother them about it.
But if using HTTP instead of HTTPS, the cert should never even come up? If that's a supported option on the site. Though I can't say I'd recommend, say, logging into a forum over bare HTTP.
-
I have a very restrictive ISP, for reasons I won't go into. I think what happened is that the first time I visited the site after the SSL cert expired, it got added to the ISPs block list. From then on, regardless of whether I used http or https, I'd get redirected to a page saying the site could not be accessed. This was not at the browser level. So I need a VPN to get around the ISPs block.
All that said, for new people coming along, they're likely to just see the page get blocked by their browser, and not knowing any better are likely to not come back.
-
There also is a cost involved with having a public certificate.
No there isn't. Industry pays the internet security research group with the understanding that it will amongst other things provide LetsEncrypt certs for no charge. All you need to do is reissue it every year, which is true of every cert.
-
Yeah my Chrome has no problems visiting the site.
Chrome on this box has no problem accessing the site. However, my other (newer) laptop can't get here unless I go incognito and explicitly accept "the risk". According to that instance of Chrome, Pentarch uses HSTS (and thus browsers should automatically redirect http to https), and in normal mode it won't let me go any further.
-
All that said, for new people coming along, they're likely to just see the page get blocked by their browser, and not knowing any better are likely to not come back.
This is the main thing to me - I'm not saying Aurora needs to have a full-blown PR recruitment campaign, but it's better if we are reducing barriers to entry for people to keep the forum community robust and healthy. Some folks will never even think to use something as ancient as a "forum" in this modern era of Discord and Reddit, and that's fine, but for the folks who will use a forum I think it's best not to make that any trickier than it has to be, where possible and reasonable to do so.
-
If I saw a security warning for the webpage of an old looking game I’d assume the domain was taken over by scammers and back out.
-
If I saw a security warning for the webpage of an old looking game I’d assume the domain was taken over by scammers and back out.
Scammers are not paying the hosting fees ;)
-
Certificate should be live in 2-3 days.
-
Just want to remind that the certificate issue is still active.
Firefox does not show http version the http://aurora2.pentarch.org/ => server not found
Firefox shows the site via https with the manual security exception
Chrome does not give a chance to make a security exception and does not show the https site
Chrome follow the HSTS redirection from http to https and again give no chance to make a security exception.
It is not possible to use chrome for aurora2.pentarch.org for me, for now.
3 other browsers allow me to make security exceptions. So the site is accessible after all, but strangers needs to have strong intention to use it.