Insecure site?

For discussion, questions, bug reports etc. about this site.
Post Reply
VirtualChris
Posts: 153
Joined: February 21st, 2015, 22:53
Location: United States
Contact:

Insecure site?

Post by VirtualChris »

I just got this message when using Firefox. I thought I should tell someone.
unsecure.png
User avatar
mixiekins
Admin
Posts: 58
Joined: August 10th, 2018, 22:15

Re: Insecure site?

Post by mixiekins »

Thanks for the heads up. It's sorted out now.


For the curious:
this happens when you use "https" (emphasis on the "S" there) without the "www." before "pokemon-mini.net" but now it will automatically direct you to the version with "www." at all times.

how:
the SSL (which secures the site and is invoked by the "S" mentioned above) was created for use by "www.pokemon-mini.net" so when it's used by, say, "mail.pokemon-mini.net" or "farts.pokemon-mini.net" or just "pokemon-mini.net" it doesn't match what the SSL expects, so it gives a warning.

why:
when you have a website address (a .com, or .net, or what have you), aka a Domain Name, it can have any number of other addresses under it, like those "www." and "mail." and such examples above, which are called Subdomains. You can actually have more than one server (computer the site's files live within) handle different parts of a site, and you can designate different subdomains to be delegated by those various servers to keep things straight. Heck, you can even give subdomains to different people for their own uses, like, say, bob.domain.com and suzan.domain.com for instance. Of course, you want to be sure that the traffic for one person's subdomain goes to the right place and not end up at another person's place. If Bob makes an SSL for his site, we don't want Suzan using it for hers, so the SSL says "hey, I think some other site is using me" hence the warning pictured above. Of course, anything related to "pokemon-mini.net" is all the same, so the warning is a bit overzealous in our case, so we can make the warning moot (and simply not happen) by editing the .htaccess file in the server to direct all traffic to automatically have "https://www." at the start of the domain name.
VirtualChris
Posts: 153
Joined: February 21st, 2015, 22:53
Location: United States
Contact:

Re: Insecure site?

Post by VirtualChris »

I still get it when I post something and then try to go back to the main page with the blue link at the top.
User avatar
mixiekins
Admin
Posts: 58
Joined: August 10th, 2018, 22:15

Re: Insecure site?

Post by mixiekins »

Please hit the following (depending on which you use)

Windows: ctrl + F5
Mac/Apple: Apple + R or command + R
Linux: F5

If the issue persists, please grab a screenshot which includes the address bar.
If all went well, however, it should look something like this, with the green lock icon at the start of the URL:
Capture.JPG
VirtualChris
Posts: 153
Joined: February 21st, 2015, 22:53
Location: United States
Contact:

Re: Insecure site?

Post by VirtualChris »

Haven't had the issue pop up, but all the moderators must be alert on spam comments and delete them. Like the most recent two.
Post Reply