Aurora 4x
Off Topic => Forum Issues => Topic started by: db48x on January 22, 2021, 10:36:35 AM
-
img tags now go through an HTTPS proxy with a self–signed certificate, which by default all web browsers reject. This means that the images appear to be missing.
Here's an example:
(http://db48x.net/Aurora/galaxy map 4102.png)
The image proxy works perfectly fine over HTTP, so you could just change the url to HTTP and that will fix it:
https://aurora2.pentarch.org/proxy.php?request=http%3A%2F%2Fdb48x.net%2FAurora%2Fconventional%2520start%2520in%25202020%2520with%2520v1.11%2Fgalaxy%2520map%25202232.png&hash=2f15913a31f24395f9ea7c4f83cc68c29e3e3c2c (https://aurora2.pentarch.org/proxy.php?request=http%3A%2F%2Fdb48x.net%2FAurora%2Fconventional%2520start%2520in%25202020%2520with%2520v1.11%2Fgalaxy%2520map%25202232.png&hash=2f15913a31f24395f9ea7c4f83cc68c29e3e3c2c)
http://aurora2.pentarch.org/proxy.php?request=http%3A%2F%2Fdb48x.net%2FAurora%2Fconventional%2520start%2520in%25202020%2520with%2520v1.11%2Fgalaxy%2520map%25202232.png&hash=2f15913a31f24395f9ea7c4f83cc68c29e3e3c2c (http://aurora2.pentarch.org/proxy.php?request=http%3A%2F%2Fdb48x.net%2FAurora%2Fconventional%2520start%2520in%25202020%2520with%2520v1.11%2Fgalaxy%2520map%25202232.png&hash=2f15913a31f24395f9ea7c4f83cc68c29e3e3c2c)
-
I got a prompt to accept the cert. :)
It is self-signed by me. You can trust me. :)
-
I am also seeing some images have disappeared. Some images seem fine (e.g. I scrolled through Froggiest's AAR and they look fine), however images in Steve's posts for example are missing and I believe he hosts his images on the site domain instead of Imgur etc.
I use Firefox and I did not see any pop-up regarding certs so I do not know how to make the latter images reappear.
-
Might I suggest https://letsencrypt.org/.
-
I got a prompt to accept the cert. :)
It is self-signed by me. You can trust me. :)
I get a prompt on firefox if I click the https link the the OP.
-
Might I suggest https://letsencrypt.org/.
Host is listed under "No planned support"
-
Yep, all the pictures in Steve's changelogs and AARs are gone. You only get a security warning if you access the image directly like with the links db48x posted, embedded ones in a thread just fail silently.
Even if you got the security warning, most people don't know what they are or are going to accept your cert.
-
Cant you just get your cert validated?
-
Yep, all the pictures in Steve's changelogs and AARs are gone. You only get a security warning if you access the image directly like with the links db48x posted, embedded ones in a thread just fail silently.
Even if you got the security warning, most people don't know what they are or are going to accept your cert.
Yeah, if I hadn't read this thread I wouldn't even have known that any images were missing, I got no prompt (in latest Firefox) when loading other threads with the blocked images. Only when I copied and pasted an image link from the source code did I get the security warning popup.
-
This is something outside my knowledge :)
What do I need to do to get the images to reappear?
-
If you click on link in the first post by db48x. There should be a message about certificate. If you allow the certificate the pictures should work again.
-
I get the following message:
"Your connection is not private
Attackers might be trying to steal your information from aurora2.pentarch.org (for example, passwords, messages, or credit cards). Learn more
NET::ERR_CERT_AUTHORITY_INVALID
This server could not prove that it is aurora2.pentarch.org; its security certificate is not trusted by your computer's operating system. This may be caused by a misconfiguration or an attacker intercepting your connection.
Proceed to aurora2.pentarch.org (unsafe)"
Do I have to click proceed to see the pictures?
Also, what has changed and is there a way to return to a situation where everyone can see the pictures?
-
You should click proceed.
People complained about not having a certificate with the false-positives on the downloads. I can uninstall the cert if needed.
-
You should click proceed.
People complained about not having a certificate with the false-positives on the downloads. I can uninstall the cert if needed.
Erik whatever you did, all the images are now broken - including all the ribbons and emoticon/markdown stuff when writing a message. Idk what kind of cert your using but clearly its not helping, you'll need something else, but idk what that could be rn.
-
You should click proceed.
People complained about not having a certificate with the false-positives on the downloads. I can uninstall the cert if needed.
Erik whatever you did, all the images are now broken - including all the ribbons and emoticon/markdown stuff when writing a message. Idk what kind of cert your using but clearly its not helping, you'll need something else, but idk what that could be rn.
I see that. Working on reverting what I just did, but it is being stubborn.
-
You should click proceed.
People complained about not having a certificate with the false-positives on the downloads. I can uninstall the cert if needed.
Erik whatever you did, all the images are now broken - including all the ribbons and emoticon/markdown stuff when writing a message. Idk what kind of cert your using but clearly its not helping, you'll need something else, but idk what that could be rn.
I see that. Working on reverting what I just did, but it is being stubborn.
If everything else fails, do you have the last resort of rollback? If yes, how far back is the most recent backup?
-
I think I've removed the cert. Much easier to install than to delete. :(
But everything should be working now.
-
You may have to spring for a verified SSL certificate - that is a significant cost for an operation like this, but it's becoming table-stakes for web sites, especially if you're downloading something.
-
You may have to spring for a verified SSL certificate - that is a significant cost for an operation like this, but it's becoming table-stakes for web sites, especially if you're downloading something.
I know. It's another $100/year on top of the already (fairly hefty) hosting costs. Plus another $25 install fee. The self-signed was nice because no fees :)
-
SSL certs are free. They can be generated via LetsEncrypt.
Not knowing anything about the hosting situation, I can not give advice on installation.
-
You may have to spring for a verified SSL certificate - that is a significant cost for an operation like this, but it's becoming table-stakes for web sites, especially if you're downloading something.
I know. It's another $100/year on top of the already (fairly hefty) hosting costs. Plus another $25 install fee. The self-signed was nice because no fees :)
I'm going to put in another recommendation for using LetsEncrypt. Every cert is free, and you configure your server to automatically renew them so that you never have an annual task to do manually.
Edit: Oh, but you might be saying that your web host charges extra to use SSL certs, and doesn't let you use LetsEncrypt? That would suck. Seems like there could be better alternatives.
-
If the web host charges for you to secure your own server, it seems like a company that does not actually want your business. There are many hosting services that will provide SSL for free.
-
It's not like the hardware is in my living room :)
The hosting company provides unlimited bandwidth and drive space, something this forum consumes a lot of (250ish gig for January already in bandwidth).
If I get the cert from the host, it costs. If I get it from a different source, it costs less. LetsEncrypt is not supported by the host.
-
I'm not sure it's the same issue, but Subj tags (like "new") seems to be broken now.
That's what I see after a try to open tag image placeholder in separate tab:
The requested URL was not found on this server.
Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.
-
I'm not sure it's the same issue, but Subj tags (like "new") seems to be broken now.
That's what I see after a try to open tag image placeholder in separate tab:
The requested URL was not found on this server.
Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.
I noticed that. Most likely because I buggered something up :)
-
Solution is to go to your profile and reselect English (or your language of choice). Dunno why doing a bulk change messes it up, bit frakk it all
-
Solution is to go to your profile and reselect English (or your language of choice). Dunno why doing a bulk change messes it up, bit frakk it all
Yep. What my test account said :)
Profile, Account Settings. Probably says default language is Albanian (really SMF?). Change that to English or Russian or German or Swahili. Your choice. Put your password in, and it is fixed once you hit save.
-
Haa, that did the trick, hooray!