April 6th, 2014, 01:37 AM | #1 |
ninjette.org dude
Name: 1 guess :-)
Location: SF Bay Area
Join Date: Jun 2008 Motorcycle(s): '13 Ninja 300 (white, the fastest color!), '13 R1200RT, '14 CRF250L, '12 TT-R125LE Posts: Too much.
Blog Entries: 7
|
Trying out SSL
I had played with it about a year ago, had it running for a short while, then broke it unintentionally. I spent much of today getting it up and running again, and now with the larger server capacity we have, I want to try running the whole site through SSL (https). It simplifies many things if you just move the whole site over rather than doing it piecemeal. There will undoubtedly be some quirks along the way, so please post up when/if you notice them.
I know that the wiki might show up with some ssl errors, and I think there still some glitches on the portal page. Also - as we post up many, many images on this forum from other websites, you will frequently see the SSL symbol in your address bar change from full lock/green to yellow. All this means is that some items on the page you are looking at aren't encrypted, as they are being served directly from another website; they aren't coming from our ninjette.org server itself.
__________________________________________________
Montgomery Street Motorcycle Club / cal24.com / crf250l.org / ninjette.org ninjette.org Terms of Service Shopping for motorcycle parts or equipment? Come here first. The friendliest Ninja 250R/300/400 forum on the internet! (especially Unregistered) |
|
April 6th, 2014, 02:00 AM | #2 |
ninjette.org dude
Name: 1 guess :-)
Location: SF Bay Area
Join Date: Jun 2008 Motorcycle(s): '13 Ninja 300 (white, the fastest color!), '13 R1200RT, '14 CRF250L, '12 TT-R125LE Posts: Too much.
Blog Entries: 7
|
One thing I'm working on is the youtube embed code; it's not happy right now. The links still work, but I hope to have the existing embed code fixed shortly.
EDIT: Most of the major embedding code is now working fine (youtube, google maps, vimeo, spotwalla, the member map)
__________________________________________________
Montgomery Street Motorcycle Club / cal24.com / crf250l.org / ninjette.org ninjette.org Terms of Service Shopping for motorcycle parts or equipment? Come here first. The friendliest Ninja 250R/300/400 forum on the internet! (especially Unregistered) |
|
April 6th, 2014, 03:02 AM | #3 |
ninjette.org dude
Name: 1 guess :-)
Location: SF Bay Area
Join Date: Jun 2008 Motorcycle(s): '13 Ninja 300 (white, the fastest color!), '13 R1200RT, '14 CRF250L, '12 TT-R125LE Posts: Too much.
Blog Entries: 7
|
The wiki looks pretty good at this point. No obvious SSL errors anymore, and I took the opportunity to update the logo picture and the sizing of the header ad, so it looks much more like the main part of the site. Was able to use the SSL error logs to identify a few other files/images that had been missing for years, including the bullet images on the list pages within the wiki (like here). I think it's time for sleep...
__________________________________________________
Montgomery Street Motorcycle Club / cal24.com / crf250l.org / ninjette.org ninjette.org Terms of Service Shopping for motorcycle parts or equipment? Come here first. The friendliest Ninja 250R/300/400 forum on the internet! (especially Unregistered) |
|
April 6th, 2014, 02:16 PM | #4 |
ninjette.org dude
Name: 1 guess :-)
Location: SF Bay Area
Join Date: Jun 2008 Motorcycle(s): '13 Ninja 300 (white, the fastest color!), '13 R1200RT, '14 CRF250L, '12 TT-R125LE Posts: Too much.
Blog Entries: 7
|
Hmm, I have a user saying on Facebook that they can't get to the site, as it keeps saying invalid certificate and redirecting them. Has anyone else seen anything like that today? (I imagine if it's affecting others, they wouldn't be here either, but worth a shot). Still seeing normal usage and normal traffic so far, so it doesn't appear to be a widespread problem.
__________________________________________________
Montgomery Street Motorcycle Club / cal24.com / crf250l.org / ninjette.org ninjette.org Terms of Service Shopping for motorcycle parts or equipment? Come here first. The friendliest Ninja 250R/300/400 forum on the internet! (especially Unregistered) |
|
April 7th, 2014, 04:04 PM | #5 |
ninjette.org dude
Name: 1 guess :-)
Location: SF Bay Area
Join Date: Jun 2008 Motorcycle(s): '13 Ninja 300 (white, the fastest color!), '13 R1200RT, '14 CRF250L, '12 TT-R125LE Posts: Too much.
Blog Entries: 7
|
Seems like most of the issues have been sorted out. There are nuances in getting everything pushed correctly from:
http://ninjette.org http://www.ninjette.org https://ninjette.org https://www.ninjette.org to all be correctly pushed to and served from: https://www.ninjette.org even when there are subdirectories past the main domain coming in on the query, for all 4 choices. It takes a combination of mod_rewrites to add the www, and redirects between apache virtual servers to push all http traffic to https. For fun, go check any of your favorite sites that use SSL, and try all 4 combinations to see what happens. Just found out my main company's site is borked by a couple of these (Fortune 20). Also learned that SSL certs are tied directly to "ninjette.org" or "www.ninjette.org", but not necessarily both. Many providers do not create certs that will work on both, and you have to pay extra for wildcard-type certs to cover that case. GoDaddy certs apparently include the domain.com and the www.domain.com, so it is working here by dumb luck, not because I understood that ahead of time. Added a "site seal" in the footer, which allows the truly paranoid a separate check that my cert provider confirms that this is actually the right site, and the cert was obtained and installed correctly.
__________________________________________________
Montgomery Street Motorcycle Club / cal24.com / crf250l.org / ninjette.org ninjette.org Terms of Service Shopping for motorcycle parts or equipment? Come here first. The friendliest Ninja 250R/300/400 forum on the internet! (especially Unregistered) |
1 out of 1 members found this post helpful. |
April 17th, 2014, 09:15 PM | #6 |
ninjette.org dude
Name: 1 guess :-)
Location: SF Bay Area
Join Date: Jun 2008 Motorcycle(s): '13 Ninja 300 (white, the fastest color!), '13 R1200RT, '14 CRF250L, '12 TT-R125LE Posts: Too much.
Blog Entries: 7
|
If people are still seeing SSL errors when they browse ninjette from some pc's, make sure to check out this thread for a possible solution.
__________________________________________________
Montgomery Street Motorcycle Club / cal24.com / crf250l.org / ninjette.org ninjette.org Terms of Service Shopping for motorcycle parts or equipment? Come here first. The friendliest Ninja 250R/300/400 forum on the internet! (especially Unregistered) |
|
April 21st, 2014, 01:06 AM | #7 |
ninjette.org dude
Name: 1 guess :-)
Location: SF Bay Area
Join Date: Jun 2008 Motorcycle(s): '13 Ninja 300 (white, the fastest color!), '13 R1200RT, '14 CRF250L, '12 TT-R125LE Posts: Too much.
Blog Entries: 7
|
Playing with the ciphersuites available for SSL. We were scoring a C- on Qualys's security test, by allowing all types of ciphers, including older weak ones. No modern browsers are limited to them anymore, so it should be a non-issue to limit the ciphers to the ones that people are using anyway. But - if you are seeing any weirdness, please let me know. Here's what it looks like now:
__________________________________________________
Montgomery Street Motorcycle Club / cal24.com / crf250l.org / ninjette.org ninjette.org Terms of Service Shopping for motorcycle parts or equipment? Come here first. The friendliest Ninja 250R/300/400 forum on the internet! (especially Unregistered) |
|
August 7th, 2014, 09:37 AM | #8 |
ninjette.org dude
Name: 1 guess :-)
Location: SF Bay Area
Join Date: Jun 2008 Motorcycle(s): '13 Ninja 300 (white, the fastest color!), '13 R1200RT, '14 CRF250L, '12 TT-R125LE Posts: Too much.
Blog Entries: 7
|
__________________________________________________
Montgomery Street Motorcycle Club / cal24.com / crf250l.org / ninjette.org ninjette.org Terms of Service Shopping for motorcycle parts or equipment? Come here first. The friendliest Ninja 250R/300/400 forum on the internet! (especially Unregistered) |
|
August 8th, 2014, 08:14 AM | #9 | |
ninjette.org certified postwhore
Name: Colin
Location: Bay Area
Join Date: Feb 2011 Motorcycle(s): '96 EX250 Posts: A lot.
|
Quote:
__________________________________________________
Ç¥ñ頻| ßÿ Ñâ7µ®é. Äñt¡~§º¢Ïä| ßý Çhøî©è. |
|
1 out of 1 members found this post helpful. |
October 17th, 2014, 08:00 PM | #10 |
ninjette.org dude
Name: 1 guess :-)
Location: SF Bay Area
Join Date: Jun 2008 Motorcycle(s): '13 Ninja 300 (white, the fastest color!), '13 R1200RT, '14 CRF250L, '12 TT-R125LE Posts: Too much.
Blog Entries: 7
|
Had to remove support for SSLv3 due to the poodle attack.
info: http://arstechnica.com/security/2014...poodle-attack/ Shouldn't affect many users, but if you are seeing SSL issues when you use an older browser, that may be the reason.
__________________________________________________
Montgomery Street Motorcycle Club / cal24.com / crf250l.org / ninjette.org ninjette.org Terms of Service Shopping for motorcycle parts or equipment? Come here first. The friendliest Ninja 250R/300/400 forum on the internet! (especially Unregistered) |
|
March 7th, 2015, 08:39 PM | #12 |
ninjette.org dude
Name: 1 guess :-)
Location: SF Bay Area
Join Date: Jun 2008 Motorcycle(s): '13 Ninja 300 (white, the fastest color!), '13 R1200RT, '14 CRF250L, '12 TT-R125LE Posts: Too much.
Blog Entries: 7
|
I just updated our SSL cert; it was about to expire. I hadn't realized before that I could do these for multiple years, so the new one won't expire until April 2018.
__________________________________________________
Montgomery Street Motorcycle Club / cal24.com / crf250l.org / ninjette.org ninjette.org Terms of Service Shopping for motorcycle parts or equipment? Come here first. The friendliest Ninja 250R/300/400 forum on the internet! (especially Unregistered) |
1 out of 1 members found this post helpful. |
March 7th, 2015, 08:51 PM | #13 |
wat
Name: wat
Location: tustin/long beach
Join Date: Sep 2009 Motorcycle(s): wat Posts: Too much.
Blog Entries: 5
MOTM - Oct '12, Feb '14
|
didn't the max used to be 2 years? at least that's what my certs were when i bought them back then. it was through the hosting provider though so maybe if you go directly its better?
__________________________________________________
|
|
March 7th, 2015, 09:05 PM | #14 |
ninjette.org dude
Name: 1 guess :-)
Location: SF Bay Area
Join Date: Jun 2008 Motorcycle(s): '13 Ninja 300 (white, the fastest color!), '13 R1200RT, '14 CRF250L, '12 TT-R125LE Posts: Too much.
Blog Entries: 7
|
GoDaddy is allowing 3 years at this point, not sure if/when that may have changed.
__________________________________________________
Montgomery Street Motorcycle Club / cal24.com / crf250l.org / ninjette.org ninjette.org Terms of Service Shopping for motorcycle parts or equipment? Come here first. The friendliest Ninja 250R/300/400 forum on the internet! (especially Unregistered) |
1 out of 1 members found this post helpful. |
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
Heartbleed SSL Bug | csmith12 | Forum Information | 6 | April 9th, 2014 12:28 PM |
SSL Speakers and Amp Install | Bushmaster11B | 2008 - 2012 Ninja 250R Farkles | 3 | October 29th, 2012 01:53 PM |
|
|