ninjette.org

Go Back   ninjette.org > Forum Info > Forum Information

Notices

Reply
 
Thread Tools
Old April 6th, 2014, 01:37 AM   #1
Alex
ninjette.org dude
 
Alex's Avatar
 
Name: 1 guess :-)
Location: SF Bay Area
Join Date: Jun 2008

Motorcycle(s): '13 Ninja 300 (white, the fastest color!), '13 R1200RT, '14 CRF250L, '12 TT-R125LE, '15 CRF110F, '13 TT-R50E

Posts: Too much.
Blog Entries: 7
Trying out SSL

I had played with it about a year ago, had it running for a short while, then broke it unintentionally. I spent much of today getting it up and running again, and now with the larger server capacity we have, I want to try running the whole site through SSL (https). It simplifies many things if you just move the whole site over rather than doing it piecemeal. There will undoubtedly be some quirks along the way, so please post up when/if you notice them.

I know that the wiki might show up with some ssl errors, and I think there still some glitches on the portal page. Also - as we post up many, many images on this forum from other websites, you will frequently see the SSL symbol in your address bar change from full lock/green to yellow. All this means is that some items on the page you are looking at aren't encrypted, as they are being served directly from another website; they aren't coming from our ninjette.org server itself.
__________________________________________________
Montgomery Street Motorcycle Club / cal24.com / crf250l.org / ninjette.org

ninjette.org Terms of Service, ninjette.org Member Map

Shopping for motorcycle parts or equipment? Come here first.

The friendliest Ninja 250R/300/400 forum on the internet! (especially Unregistered)
Alex is offline   Reply With Quote




Old April 6th, 2014, 02:00 AM   #2
Alex
ninjette.org dude
 
Alex's Avatar
 
Name: 1 guess :-)
Location: SF Bay Area
Join Date: Jun 2008

Motorcycle(s): '13 Ninja 300 (white, the fastest color!), '13 R1200RT, '14 CRF250L, '12 TT-R125LE, '15 CRF110F, '13 TT-R50E

Posts: Too much.
Blog Entries: 7
One thing I'm working on is the youtube embed code; it's not happy right now. The links still work, but I hope to have the existing embed code fixed shortly.

EDIT: Most of the major embedding code is now working fine (youtube, google maps, vimeo, spotwalla, the member map)
__________________________________________________
Montgomery Street Motorcycle Club / cal24.com / crf250l.org / ninjette.org

ninjette.org Terms of Service, ninjette.org Member Map

Shopping for motorcycle parts or equipment? Come here first.

The friendliest Ninja 250R/300/400 forum on the internet! (especially Unregistered)
Alex is offline   Reply With Quote


Old April 6th, 2014, 03:02 AM   #3
Alex
ninjette.org dude
 
Alex's Avatar
 
Name: 1 guess :-)
Location: SF Bay Area
Join Date: Jun 2008

Motorcycle(s): '13 Ninja 300 (white, the fastest color!), '13 R1200RT, '14 CRF250L, '12 TT-R125LE, '15 CRF110F, '13 TT-R50E

Posts: Too much.
Blog Entries: 7
The wiki looks pretty good at this point. No obvious SSL errors anymore, and I took the opportunity to update the logo picture and the sizing of the header ad, so it looks much more like the main part of the site. Was able to use the SSL error logs to identify a few other files/images that had been missing for years, including the bullet images on the list pages within the wiki (like here). I think it's time for sleep...
__________________________________________________
Montgomery Street Motorcycle Club / cal24.com / crf250l.org / ninjette.org

ninjette.org Terms of Service, ninjette.org Member Map

Shopping for motorcycle parts or equipment? Come here first.

The friendliest Ninja 250R/300/400 forum on the internet! (especially Unregistered)
Alex is offline   Reply With Quote


Old April 6th, 2014, 02:16 PM   #4
Alex
ninjette.org dude
 
Alex's Avatar
 
Name: 1 guess :-)
Location: SF Bay Area
Join Date: Jun 2008

Motorcycle(s): '13 Ninja 300 (white, the fastest color!), '13 R1200RT, '14 CRF250L, '12 TT-R125LE, '15 CRF110F, '13 TT-R50E

Posts: Too much.
Blog Entries: 7
Hmm, I have a user saying on Facebook that they can't get to the site, as it keeps saying invalid certificate and redirecting them. Has anyone else seen anything like that today? (I imagine if it's affecting others, they wouldn't be here either, but worth a shot). Still seeing normal usage and normal traffic so far, so it doesn't appear to be a widespread problem.
__________________________________________________
Montgomery Street Motorcycle Club / cal24.com / crf250l.org / ninjette.org

ninjette.org Terms of Service, ninjette.org Member Map

Shopping for motorcycle parts or equipment? Come here first.

The friendliest Ninja 250R/300/400 forum on the internet! (especially Unregistered)
Alex is offline   Reply With Quote


Old April 7th, 2014, 04:04 PM   #5
Alex
ninjette.org dude
 
Alex's Avatar
 
Name: 1 guess :-)
Location: SF Bay Area
Join Date: Jun 2008

Motorcycle(s): '13 Ninja 300 (white, the fastest color!), '13 R1200RT, '14 CRF250L, '12 TT-R125LE, '15 CRF110F, '13 TT-R50E

Posts: Too much.
Blog Entries: 7
Seems like most of the issues have been sorted out. There are nuances in getting everything pushed correctly from:

http://ninjette.org
http://www.ninjette.org
https://ninjette.org
https://www.ninjette.org

to all be correctly pushed to and served from:

https://www.ninjette.org

even when there are subdirectories past the main domain coming in on the query, for all 4 choices. It takes a combination of mod_rewrites to add the www, and redirects between apache virtual servers to push all http traffic to https. For fun, go check any of your favorite sites that use SSL, and try all 4 combinations to see what happens. Just found out my main company's site is borked by a couple of these (Fortune 20).

Also learned that SSL certs are tied directly to "ninjette.org" or "www.ninjette.org", but not necessarily both. Many providers do not create certs that will work on both, and you have to pay extra for wildcard-type certs to cover that case. GoDaddy certs apparently include the domain.com and the www.domain.com, so it is working here by dumb luck, not because I understood that ahead of time.

Added a "site seal" in the footer, which allows the truly paranoid a separate check that my cert provider confirms that this is actually the right site, and the cert was obtained and installed correctly.
__________________________________________________
Montgomery Street Motorcycle Club / cal24.com / crf250l.org / ninjette.org

ninjette.org Terms of Service, ninjette.org Member Map

Shopping for motorcycle parts or equipment? Come here first.

The friendliest Ninja 250R/300/400 forum on the internet! (especially Unregistered)
Alex is offline   Reply With Quote


1 out of 1 members found this post helpful.
Old April 17th, 2014, 09:15 PM   #6
Alex
ninjette.org dude
 
Alex's Avatar
 
Name: 1 guess :-)
Location: SF Bay Area
Join Date: Jun 2008

Motorcycle(s): '13 Ninja 300 (white, the fastest color!), '13 R1200RT, '14 CRF250L, '12 TT-R125LE, '15 CRF110F, '13 TT-R50E

Posts: Too much.
Blog Entries: 7
If people are still seeing SSL errors when they browse ninjette from some pc's, make sure to check out this thread for a possible solution.
__________________________________________________
Montgomery Street Motorcycle Club / cal24.com / crf250l.org / ninjette.org

ninjette.org Terms of Service, ninjette.org Member Map

Shopping for motorcycle parts or equipment? Come here first.

The friendliest Ninja 250R/300/400 forum on the internet! (especially Unregistered)
Alex is offline   Reply With Quote


Old April 21st, 2014, 01:06 AM   #7
Alex
ninjette.org dude
 
Alex's Avatar
 
Name: 1 guess :-)
Location: SF Bay Area
Join Date: Jun 2008

Motorcycle(s): '13 Ninja 300 (white, the fastest color!), '13 R1200RT, '14 CRF250L, '12 TT-R125LE, '15 CRF110F, '13 TT-R50E

Posts: Too much.
Blog Entries: 7
Playing with the ciphersuites available for SSL. We were scoring a C- on Qualys's security test, by allowing all types of ciphers, including older weak ones. No modern browsers are limited to them anymore, so it should be a non-issue to limit the ciphers to the ones that people are using anyway. But - if you are seeing any weirdness, please let me know. Here's what it looks like now:

__________________________________________________
Montgomery Street Motorcycle Club / cal24.com / crf250l.org / ninjette.org

ninjette.org Terms of Service, ninjette.org Member Map

Shopping for motorcycle parts or equipment? Come here first.

The friendliest Ninja 250R/300/400 forum on the internet! (especially Unregistered)
Alex is offline   Reply With Quote


Old August 7th, 2014, 09:37 AM   #8
Alex
ninjette.org dude
 
Alex's Avatar
 
Name: 1 guess :-)
Location: SF Bay Area
Join Date: Jun 2008

Motorcycle(s): '13 Ninja 300 (white, the fastest color!), '13 R1200RT, '14 CRF250L, '12 TT-R125LE, '15 CRF110F, '13 TT-R50E

Posts: Too much.
Blog Entries: 7
This can only help us here:

Google confirms it's giving HTTPS sites higher search rankings
__________________________________________________
Montgomery Street Motorcycle Club / cal24.com / crf250l.org / ninjette.org

ninjette.org Terms of Service, ninjette.org Member Map

Shopping for motorcycle parts or equipment? Come here first.

The friendliest Ninja 250R/300/400 forum on the internet! (especially Unregistered)
Alex is offline   Reply With Quote


Old August 8th, 2014, 08:14 AM   #9
CynicalC
ninjette.org certified postwhore
 
CynicalC's Avatar
 
Name: Colin
Location: Bay Area
Join Date: Feb 2011

Motorcycle(s): '96 EX250

Posts: A lot.
Quote:
Originally Posted by Alex View Post
Playing with the ciphersuites available for SSL. We were scoring a C- on Qualys's security test, by allowing all types of ciphers, including older weak ones. No modern browsers are limited to them anymore, so it should be a non-issue to limit the ciphers to the ones that people are using anyway. But - if you are seeing any weirdness, please let me know. Here's what it looks like now:

__________________________________________________
ǥ頻| 7. t~| h.
CynicalC is offline   Reply With Quote


1 out of 1 members found this post helpful.
Old October 17th, 2014, 08:00 PM   #10
Alex
ninjette.org dude
 
Alex's Avatar
 
Name: 1 guess :-)
Location: SF Bay Area
Join Date: Jun 2008

Motorcycle(s): '13 Ninja 300 (white, the fastest color!), '13 R1200RT, '14 CRF250L, '12 TT-R125LE, '15 CRF110F, '13 TT-R50E

Posts: Too much.
Blog Entries: 7
Had to remove support for SSLv3 due to the poodle attack.

info: http://arstechnica.com/security/2014...poodle-attack/

Shouldn't affect many users, but if you are seeing SSL issues when you use an older browser, that may be the reason.
__________________________________________________
Montgomery Street Motorcycle Club / cal24.com / crf250l.org / ninjette.org

ninjette.org Terms of Service, ninjette.org Member Map

Shopping for motorcycle parts or equipment? Come here first.

The friendliest Ninja 250R/300/400 forum on the internet! (especially Unregistered)
Alex is offline   Reply With Quote


Old October 17th, 2014, 11:56 PM   #11
alex.s
wat
 
alex.s's Avatar
 
Name: wat
Location: tustin/long beach
Join Date: Sep 2009

Motorcycle(s): wat

Posts: Too much.
Blog Entries: 5
MOTM - Oct '12, Feb '14
but poodles are so adorable
__________________________________________________
alex.s is offline   Reply With Quote


Old March 7th, 2015, 08:39 PM   #12
Alex
ninjette.org dude
 
Alex's Avatar
 
Name: 1 guess :-)
Location: SF Bay Area
Join Date: Jun 2008

Motorcycle(s): '13 Ninja 300 (white, the fastest color!), '13 R1200RT, '14 CRF250L, '12 TT-R125LE, '15 CRF110F, '13 TT-R50E

Posts: Too much.
Blog Entries: 7
I just updated our SSL cert; it was about to expire. I hadn't realized before that I could do these for multiple years, so the new one won't expire until April 2018.
__________________________________________________
Montgomery Street Motorcycle Club / cal24.com / crf250l.org / ninjette.org

ninjette.org Terms of Service, ninjette.org Member Map

Shopping for motorcycle parts or equipment? Come here first.

The friendliest Ninja 250R/300/400 forum on the internet! (especially Unregistered)
Alex is offline   Reply With Quote


1 out of 1 members found this post helpful.
Old March 7th, 2015, 08:51 PM   #13
alex.s
wat
 
alex.s's Avatar
 
Name: wat
Location: tustin/long beach
Join Date: Sep 2009

Motorcycle(s): wat

Posts: Too much.
Blog Entries: 5
MOTM - Oct '12, Feb '14
didn't the max used to be 2 years? at least that's what my certs were when i bought them back then. it was through the hosting provider though so maybe if you go directly its better?
__________________________________________________
alex.s is offline   Reply With Quote


Old March 7th, 2015, 09:05 PM   #14
Alex
ninjette.org dude
 
Alex's Avatar
 
Name: 1 guess :-)
Location: SF Bay Area
Join Date: Jun 2008

Motorcycle(s): '13 Ninja 300 (white, the fastest color!), '13 R1200RT, '14 CRF250L, '12 TT-R125LE, '15 CRF110F, '13 TT-R50E

Posts: Too much.
Blog Entries: 7
GoDaddy is allowing 3 years at this point, not sure if/when that may have changed.
__________________________________________________
Montgomery Street Motorcycle Club / cal24.com / crf250l.org / ninjette.org

ninjette.org Terms of Service, ninjette.org Member Map

Shopping for motorcycle parts or equipment? Come here first.

The friendliest Ninja 250R/300/400 forum on the internet! (especially Unregistered)
Alex is offline   Reply With Quote


1 out of 1 members found this post helpful.
Reply




Similar Threads
Thread Thread Starter Forum Replies Last Post
Heartbleed SSL Bug csmith12 Forum Information 6 April 9th, 2014 12:28 PM
SSL Speakers and Amp Install Bushmaster11B 2008 - 2012 Ninja 250R Farkles 3 October 29th, 2012 01:53 PM


Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


Motorcycle Safety Foundation

All times are GMT -7. The time now is 09:55 PM.


remote server monitor
Powered by vBulletin®
Copyright ©2000 - 2018, Jelsoft Enterprises Ltd.
User Alert System provided by Advanced User Tagging (Lite) - vBulletin Mods & Addons Copyright © 2018 DragonByte Technologies Ltd.
Except where otherwise noted, all site contents are Copyright 2016 ninjette.org, All rights reserved.