ninjette.org

Go Back   ninjette.org > Forum Info > Forum Information

Reply
 
Thread Tools
Old April 17th, 2018, 09:55 AM   #1
Alex
ninjette.org dude
 
Alex's Avatar
 
Name: 1 guess :-)
Location: SF Bay Area
Join Date: Jun 2008

Motorcycle(s): '13 Ninja 300 (white, the fastest color!), '13 R1200RT, '14 CRF250L, '12 TT-R125LE, '15 CRF110F, '13 TT-R50E

Posts: Too much.
Blog Entries: 7
SSL cert expired

Hi folks -

Wanted to post a thread apologizes for the embarrassing oversight today of letting the SSL cert expire. Had received notifications for awhile, but hadn't gotten around to it yet. I'm remote today (at a security conference, ironically), but hope to get around to updating it late tonight.

To be clear, the site is no less secure (or more secure) than it was yesterday. SSL certs have an expiration date on them, but that timing is a bit arbitrary. Expiration does not mean anything bad happened to them, they've been compromised, or any other issue. It's just good security practice to keep them updated every few years in the off-chance that they were compromised at some point during that period.

Most importantly, there isn't any personal data stored here on this site about any of us. Everything that this site has in terms of user data is essentially open to all already; it's all of our posts that we put up to share with others. I moved the site to SSL awhile back as an exercise, but that turned out to be a bit prescient as Google started to encourage all sites to use SSL, even if there wasn't any sensitive or critical data stored on the site.

Happy to answer any questions here, and also take any well-deserved insults, put-downs, and general abuse for not getting to this in time.
__________________________________________________
Montgomery Street Motorcycle Club / cal24.com / crf250l.org / ninjette.org

ninjette.org Terms of Service

Shopping for motorcycle parts or equipment? Come here first.

The friendliest Ninja 250R/300/400 forum on the internet! (especially Unregistered)
Alex is offline   Reply With Quote




Old April 17th, 2018, 10:24 AM   #2
adouglas
Cat herder
 
adouglas's Avatar
 
Name: Gort
Location: A secret lair which, being secret, has an undisclosed location
Join Date: May 2009

Motorcycle(s): 2012 Triumph Street Triple R (street), 2006 Yamaha R6 (track)

Posts: A lot.
Blog Entries: 6
MOTM - Jul '18, Nov '16, Aug '14, May '13
Go on, admit it. You're Zuckerberg in disguise, aren't you?
__________________________________________________
I am NOT an adrenaline junkie, I'm a skill junkie. - csmith12

Nam et ipsa scientia potestas est.
Heri historia. Cras mysterium. Hodie donum est. Carpe diem.
adouglas is offline   Reply With Quote


Old April 17th, 2018, 10:51 AM   #3
Alex
ninjette.org dude
 
Alex's Avatar
 
Name: 1 guess :-)
Location: SF Bay Area
Join Date: Jun 2008

Motorcycle(s): '13 Ninja 300 (white, the fastest color!), '13 R1200RT, '14 CRF250L, '12 TT-R125LE, '15 CRF110F, '13 TT-R50E

Posts: Too much.
Blog Entries: 7
I can neither confirm or deny.

__________________________________________________
Montgomery Street Motorcycle Club / cal24.com / crf250l.org / ninjette.org

ninjette.org Terms of Service

Shopping for motorcycle parts or equipment? Come here first.

The friendliest Ninja 250R/300/400 forum on the internet! (especially Unregistered)
Alex is offline   Reply With Quote


Old April 17th, 2018, 11:05 AM   #4
Triple Jim
Guy Who Enjoys Riding
 
Triple Jim's Avatar
 
Name: Jim
Location: North Central North Carolina
Join Date: Jul 2016

Motorcycle(s): Ninja 250

Posts: A lot.
MOTM - Oct '18, Aug '17, Aug '16
Thanks Alex... I got the warning this morning, but figured that by now I can probably trust the site.
Triple Jim is offline   Reply With Quote


Old April 17th, 2018, 12:47 PM   #5
DannoXYZ
ninjette.org certified postwhore
 
Name: AKA JacRyann
Location: Mesa, AZ
Join Date: Dec 2011

Motorcycle(s): CB125T EX250F-street Ninja250R-race CBR250R-MC19 CBR250RR-MC22 NSR350R-MC21 VF500F CBR600RR VFR750F

Posts: A lot.
MOTY - 2018, MOTM - Nov '17
Quote:
Originally Posted by Alex View Post
I can neither confirm or deny.
to verify itís really you, PM me all your account numbers and PIN
DannoXYZ is offline   Reply With Quote


Old April 17th, 2018, 01:39 PM   #6
adouglas
Cat herder
 
adouglas's Avatar
 
Name: Gort
Location: A secret lair which, being secret, has an undisclosed location
Join Date: May 2009

Motorcycle(s): 2012 Triumph Street Triple R (street), 2006 Yamaha R6 (track)

Posts: A lot.
Blog Entries: 6
MOTM - Jul '18, Nov '16, Aug '14, May '13
Quote:
Originally Posted by DannoXYZ View Post
to verify itís really you, PM me all your account numbers and PIN
Here you go. All the number and PINS are in this post.



__________________________________________________
I am NOT an adrenaline junkie, I'm a skill junkie. - csmith12

Nam et ipsa scientia potestas est.
Heri historia. Cras mysterium. Hodie donum est. Carpe diem.
adouglas is offline   Reply With Quote


Old April 17th, 2018, 06:58 PM   #7
Snake
ninjette.org certified postwhore
 
Snake's Avatar
 
Name: Rick
Location: Alexandria, Louisiana
Join Date: Jan 2009

Motorcycle(s): 05 Blue Ninja 250

Posts: Too much.
MOTY - 2017, MOTM - Jan '19, Oct '16, May '14
I took a leap of faith and clicked ok I trust Alex.
Snake is offline   Reply With Quote


Old April 18th, 2018, 07:09 AM   #8
Alex
ninjette.org dude
 
Alex's Avatar
 
Name: 1 guess :-)
Location: SF Bay Area
Join Date: Jun 2008

Motorcycle(s): '13 Ninja 300 (white, the fastest color!), '13 R1200RT, '14 CRF250L, '12 TT-R125LE, '15 CRF110F, '13 TT-R50E

Posts: Too much.
Blog Entries: 7
Alright - we're good until 4/2020. Hopefully I'll fix it ahead of time at that point.
__________________________________________________
Montgomery Street Motorcycle Club / cal24.com / crf250l.org / ninjette.org

ninjette.org Terms of Service

Shopping for motorcycle parts or equipment? Come here first.

The friendliest Ninja 250R/300/400 forum on the internet! (especially Unregistered)
Alex is offline   Reply With Quote


2 out of 2 members found this post helpful.
Old April 18th, 2018, 07:29 AM   #9
Z1R rider
ninjette.org certified postwhore
 
Z1R rider's Avatar
 
Name: Roger
Location: Mitchell, South Dakota
Join Date: Apr 2014

Motorcycle(s): 1978 Z1R, 1999 EX250

Posts: A lot.
MOTY - 2018, MOTM - Oct '16
__________________________________________________
top of the day to ya Unregistered
Z1R rider is offline   Reply With Quote


Old April 18th, 2018, 10:03 AM   #10
CaliGrrl
ninjette.org certified postwhore
 
CaliGrrl's Avatar
 
Name: Kerry
Location: Ventura, CA
Join Date: Jan 2016

Motorcycle(s): Ninja250

Posts: A lot.
MOTM - Apr '18, Apr '17, Apr '16
Thanks for updating it! I got the warning, I trust the site, but I didn't know how to tell my computer "go there anyway." So I'm glad it's updated and my 'puter will let me come here again.
CaliGrrl is offline   Reply With Quote


Old April 18th, 2018, 10:35 AM   #11
DannoXYZ
ninjette.org certified postwhore
 
Name: AKA JacRyann
Location: Mesa, AZ
Join Date: Dec 2011

Motorcycle(s): CB125T EX250F-street Ninja250R-race CBR250R-MC19 CBR250RR-MC22 NSR350R-MC21 VF500F CBR600RR VFR750F

Posts: A lot.
MOTY - 2018, MOTM - Nov '17
Awesome!
DannoXYZ is offline   Reply With Quote


Old April 18th, 2018, 01:58 PM   #12
maverick9611
"a legend in my own mind"
 
maverick9611's Avatar
 
Name: maverick9611
Location: Augusta,Georgia
Join Date: May 2017

Motorcycle(s): 2008 250r(red),2008 klr 692 (godzilla),2020 aprilia dorsoduro,

Posts: A lot.
MOTM - Feb '18
__________________________________________________
"trying not to get old"
maverick9611 is offline   Reply With Quote


Old April 25th, 2018, 11:20 AM   #13
Alex
ninjette.org dude
 
Alex's Avatar
 
Name: 1 guess :-)
Location: SF Bay Area
Join Date: Jun 2008

Motorcycle(s): '13 Ninja 300 (white, the fastest color!), '13 R1200RT, '14 CRF250L, '12 TT-R125LE, '15 CRF110F, '13 TT-R50E

Posts: Too much.
Blog Entries: 7
So this is how users at MyEtherWallet were hacked yesterday.

News story: https://www.theverge.com/2018/4/24/1...tolen-ethereum

Someone was able to corrupt/co-opt some DNS entries for the site, set up a new site, and the DNS took some users right to the phishing site. Once there, they had the credentials they needed to then go to the real site and start emptying wallets. Users who were robbed had to click through that "this site cert ain't right" error, did so, and were taken to the malicious site - the site that they landed on couldn't provide a valid SSL cert and the browsers would have warned them.

I only add this for some context about those cert errors. That use case above is pretty much the whole point of the technology. The site that you're going to might not be the one you expect, because the cert can't be validated - be cautious with where you go and what you enter if you do click past those warnings. In 99% of the cases, it's going to be something like happened here on Ninjette, with an expired cert due to an incompetent admin (like me). But every once in awhile, that cert error can be a real tip-off that something bad is about to happen because the site you're going to isn't the one you expect, either because it has been hacked directly, or you're being redirected to an entirely different location than you expected.
__________________________________________________
Montgomery Street Motorcycle Club / cal24.com / crf250l.org / ninjette.org

ninjette.org Terms of Service

Shopping for motorcycle parts or equipment? Come here first.

The friendliest Ninja 250R/300/400 forum on the internet! (especially Unregistered)
Alex is offline   Reply With Quote


Old April 25th, 2018, 01:51 PM   #14
CaliGrrl
ninjette.org certified postwhore
 
CaliGrrl's Avatar
 
Name: Kerry
Location: Ventura, CA
Join Date: Jan 2016

Motorcycle(s): Ninja250

Posts: A lot.
MOTM - Apr '18, Apr '17, Apr '16
Good to know, thanks. I don't know much about how this works, and I trusted Ninjette, but it's good info.
CaliGrrl is offline   Reply With Quote


Old April 17th, 2020, 09:06 AM   #15
Alex
ninjette.org dude
 
Alex's Avatar
 
Name: 1 guess :-)
Location: SF Bay Area
Join Date: Jun 2008

Motorcycle(s): '13 Ninja 300 (white, the fastest color!), '13 R1200RT, '14 CRF250L, '12 TT-R125LE, '15 CRF110F, '13 TT-R50E

Posts: Too much.
Blog Entries: 7
Quote:
Originally Posted by Alex View Post
Alright - we're good until 4/2020. Hopefully I'll fix it ahead of time at that point.
Narrator voice: "He didn't"
__________________________________________________
Montgomery Street Motorcycle Club / cal24.com / crf250l.org / ninjette.org

ninjette.org Terms of Service

Shopping for motorcycle parts or equipment? Come here first.

The friendliest Ninja 250R/300/400 forum on the internet! (especially Unregistered)
Alex is offline   Reply With Quote


1 out of 1 members found this post helpful.
Old April 17th, 2020, 09:51 AM   #16
Triple Jim
Guy Who Enjoys Riding
 
Triple Jim's Avatar
 
Name: Jim
Location: North Central North Carolina
Join Date: Jul 2016

Motorcycle(s): Ninja 250

Posts: A lot.
MOTM - Oct '18, Aug '17, Aug '16
No problem of course, Alex... thanks for today's repair. I was able to get in via Tor Browser, but it seemed that no one else was around.
Triple Jim is offline   Reply With Quote


Old April 17th, 2020, 12:25 PM   #17
Alex
ninjette.org dude
 
Alex's Avatar
 
Name: 1 guess :-)
Location: SF Bay Area
Join Date: Jun 2008

Motorcycle(s): '13 Ninja 300 (white, the fastest color!), '13 R1200RT, '14 CRF250L, '12 TT-R125LE, '15 CRF110F, '13 TT-R50E

Posts: Too much.
Blog Entries: 7
The reason the TOR browser worked is likely because it's running in incognito mode, and isn't storing HSTS data. If you opened up another browser that you've never used to connect to ninjette before, it would likely have worked as well. The way that setting works between web servers and clients is like this: Once you go to a site, and it has a legitimate SSL certificate, the browser says "OK" and keeps track of it. Forevermore, if you use that browser to go to that site, it confirms there is a valid cert, and if there isn't, it hard fails it and will not allow you to bypass. If you open up a completely new browser and go to the site, it may warn you that the site has a bad cert, but it will let you bypass the warning.

You can go into an existing browser, and there are ways to delete the HSTS stored data. I've had to do that a few times when I do screw up the SSL cert and still have to get to a site with the same browser.
__________________________________________________
Montgomery Street Motorcycle Club / cal24.com / crf250l.org / ninjette.org

ninjette.org Terms of Service

Shopping for motorcycle parts or equipment? Come here first.

The friendliest Ninja 250R/300/400 forum on the internet! (especially Unregistered)
Alex is offline   Reply With Quote


1 out of 1 members found this post helpful.
Old April 17th, 2020, 04:57 PM   #18
Triple Jim
Guy Who Enjoys Riding
 
Triple Jim's Avatar
 
Name: Jim
Location: North Central North Carolina
Join Date: Jul 2016

Motorcycle(s): Ninja 250

Posts: A lot.
MOTM - Oct '18, Aug '17, Aug '16
Understood. Tor asked me if I'd like to ignore the expired certificate. I can't swear I've never connected to this site with it though.
Triple Jim is offline   Reply With Quote


Old April 17th, 2020, 07:07 PM   #19
DannoXYZ
ninjette.org certified postwhore
 
Name: AKA JacRyann
Location: Mesa, AZ
Join Date: Dec 2011

Motorcycle(s): CB125T EX250F-street Ninja250R-race CBR250R-MC19 CBR250RR-MC22 NSR350R-MC21 VF500F CBR600RR VFR750F

Posts: A lot.
MOTY - 2018, MOTM - Nov '17
Does anyone ever say NO to bypassing cert-expiration warning?
Or even incorrect cert saying you're being re-directed to "IMGONNA.STEALYOURCC#.COM"??

Last futzed with by DannoXYZ; April 17th, 2020 at 08:14 PM.
DannoXYZ is offline   Reply With Quote


Old April 18th, 2020, 10:55 AM   #20
Alex
ninjette.org dude
 
Alex's Avatar
 
Name: 1 guess :-)
Location: SF Bay Area
Join Date: Jun 2008

Motorcycle(s): '13 Ninja 300 (white, the fastest color!), '13 R1200RT, '14 CRF250L, '12 TT-R125LE, '15 CRF110F, '13 TT-R50E

Posts: Too much.
Blog Entries: 7
No - which is probably one of the reasons HSTS came to be. It allows sites to make it much harder for users to bypass that warning, if the site chooses to enforce it. It's one of those "ecosystem" type things though, that only has a benefit if many/most sites implement it.
__________________________________________________
Montgomery Street Motorcycle Club / cal24.com / crf250l.org / ninjette.org

ninjette.org Terms of Service

Shopping for motorcycle parts or equipment? Come here first.

The friendliest Ninja 250R/300/400 forum on the internet! (especially Unregistered)
Alex is offline   Reply With Quote


Old April 16th, 2022, 04:34 AM   #21
Alex
ninjette.org dude
 
Alex's Avatar
 
Name: 1 guess :-)
Location: SF Bay Area
Join Date: Jun 2008

Motorcycle(s): '13 Ninja 300 (white, the fastest color!), '13 R1200RT, '14 CRF250L, '12 TT-R125LE, '15 CRF110F, '13 TT-R50E

Posts: Too much.
Blog Entries: 7
When the site was moved over to a new VM today, I figured it would be a good idea to see when the SSL cert was due to expire. Turns out that it was due to expire today - 4/16/2022! Updated it (after finding the instructions I saved forever ago on how to do so), so we're now good for another year. If I had forgotten, we all would have been locked out at midnight until I reset the darned thing.

On a separate note, the new server appears to be screaming fast. Usage of it is showing something like .01 on average, and response time is lightning quick.
__________________________________________________
Montgomery Street Motorcycle Club / cal24.com / crf250l.org / ninjette.org

ninjette.org Terms of Service

Shopping for motorcycle parts or equipment? Come here first.

The friendliest Ninja 250R/300/400 forum on the internet! (especially Unregistered)
Alex is offline   Reply With Quote


1 out of 1 members found this post helpful.
Old April 16th, 2022, 06:17 AM   #22
Snake
ninjette.org certified postwhore
 
Snake's Avatar
 
Name: Rick
Location: Alexandria, Louisiana
Join Date: Jan 2009

Motorcycle(s): 05 Blue Ninja 250

Posts: Too much.
MOTY - 2017, MOTM - Jan '19, Oct '16, May '14
So glad that you were able to remember about the cert expiring. If I had been locked out tomorrow morning the first thing I would have thought was ďOh no I posted something negative, got a thumbs down and Alex locked me outĒ.
Snake is offline   Reply With Quote


Old April 16th, 2022, 09:56 AM   #23
DannoXYZ
ninjette.org certified postwhore
 
Name: AKA JacRyann
Location: Mesa, AZ
Join Date: Dec 2011

Motorcycle(s): CB125T EX250F-street Ninja250R-race CBR250R-MC19 CBR250RR-MC22 NSR350R-MC21 VF500F CBR600RR VFR750F

Posts: A lot.
MOTY - 2018, MOTM - Nov '17
Awesome!!!

I like automatic free cert renewal with certbot/LetsEncrypt.org.
CertBot agent regularly checks for expiration and downloads new cert before it expires.
https://letsencrypt.org/getting-started/
DannoXYZ is offline   Reply With Quote


Old April 16th, 2022, 01:42 PM   #24
Alex
ninjette.org dude
 
Alex's Avatar
 
Name: 1 guess :-)
Location: SF Bay Area
Join Date: Jun 2008

Motorcycle(s): '13 Ninja 300 (white, the fastest color!), '13 R1200RT, '14 CRF250L, '12 TT-R125LE, '15 CRF110F, '13 TT-R50E

Posts: Too much.
Blog Entries: 7
I should look into that some point if I ever change the architecture. When I first put SSL onto this site awhile back, LetsEncrypt was a bit of a joke, and essentially meant that the site wasn't able to get a "real" cert. But over many years - quite a bit has changed, and sites with LetsEncrypt aren't penalized a bit.
__________________________________________________
Montgomery Street Motorcycle Club / cal24.com / crf250l.org / ninjette.org

ninjette.org Terms of Service

Shopping for motorcycle parts or equipment? Come here first.

The friendliest Ninja 250R/300/400 forum on the internet! (especially Unregistered)
Alex is offline   Reply With Quote


Old April 17th, 2022, 11:11 AM   #25
CaliGrrl
ninjette.org certified postwhore
 
CaliGrrl's Avatar
 
Name: Kerry
Location: Ventura, CA
Join Date: Jan 2016

Motorcycle(s): Ninja250

Posts: A lot.
MOTM - Apr '18, Apr '17, Apr '16
Excellent! Thanks for keeping an eye on it!
CaliGrrl is offline   Reply With Quote


Old April 24th, 2022, 11:02 AM   #26
CZroe
CPT Falcon
 
CZroe's Avatar
 
Name: J.Emmett Turner
Location: Newnan, GA
Join Date: Apr 2009

Motorcycle(s): '08 CP Blue EX250J, '97 unpainted EX250F, 2nd '97 unpainted EX250F (no engine), '07 black EX250F

Posts: A lot.
Quote:
Originally Posted by DannoXYZ View Post
Awesome!!!

I like automatic free cert renewal with certbot/LetsEncrypt.org.
CertBot agent regularly checks for expiration and downloads new cert before it expires.
https://letsencrypt.org/getting-started/
Spam bot detected!

/JK

Donít mess with Alex thoí

Iím still suffering his endless newsletter spam in retaliation for the time Jiggles and I made it look like I hacked the site.
CZroe is offline   Reply With Quote


1 out of 1 members found this post helpful.
Old April 24th, 2022, 03:11 PM   #27
DannoXYZ
ninjette.org certified postwhore
 
Name: AKA JacRyann
Location: Mesa, AZ
Join Date: Dec 2011

Motorcycle(s): CB125T EX250F-street Ninja250R-race CBR250R-MC19 CBR250RR-MC22 NSR350R-MC21 VF500F CBR600RR VFR750F

Posts: A lot.
MOTY - 2018, MOTM - Nov '17
Quote:
Originally Posted by CZroe View Post
Spam bot detected!

/JK

Donít mess with Alex thoí

Iím still suffering his endless newsletter spam in retaliation for the time Jiggles and I made it look like I hacked the site.
HahHhahhHahhh!!!
DannoXYZ is offline   Reply With Quote


1 out of 1 members found this post helpful.
Reply




Similar Threads
Thread Thread Starter Forum Replies Last Post
Trying out SSL Alex Forum Information 13 March 7th, 2015 09:05 PM
[superbikeplanet.com] - More From The Thawing Cube Of Expired Red Bull Ninjette Newsbot Motorcycling News 0 November 19th, 2014 03:10 PM
Ontario License Expired MyronGanes General Motorcycling Discussion 10 March 31st, 2014 09:23 AM
[roadracingworld.com] - Brammo Replaces Expired Federal Tax Incentive With Retail Inc Ninjette Newsbot Motorcycling News 0 January 2nd, 2014 11:00 AM


Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


Motorcycle Safety Foundation

All times are GMT -7. The time now is 10:43 PM.


remote server monitor
Powered by vBulletin®
Copyright ©2000 - 2022, Jelsoft Enterprises Ltd.
User Alert System provided by Advanced User Tagging (Lite) - vBulletin Mods & Addons Copyright © 2022 DragonByte Technologies Ltd.
Except where otherwise noted, all site contents are © Copyright 2022 ninjette.org, All rights reserved.