NikonGear'23
The NikonGear Office => Site Issues => Topic started by: Andrea B. on August 06, 2019, 18:49:53
-
I'm working on verification of HTTPS. Please let me know of any issues you experience while we finish the details.
Thank you -
Andrea B.
-
ICONs , the smileys, otherwise it works ok.
-
I have run the repair script. Then I cleared my own caches to ensure I wasn't getting old pages served up. But I also still see a problem with Smileys. So I'm trying to figure that out! :) :)
-
The main pages are looking good, Andrea: Well done!!
While the Smileys are currently displaying as blue question marks, copying and pasting their URL does insert the punctuation-marks equivalent of the Smiley.
Personal Galleries still have issues though: in mine, I can see the data and the URL but the thumbnails are missing.
-
Looks like Icons and Smileys are back.
Ann, thanks for the info about the Gallery. I think the script I ran was only for the main board. So I will look for the Gallery fix now.
-
testing smilies......
;D 8) ??? :P
-
works now
:-* :-\ :D ;D :( ??? :'(
Android 9.1
-
Looks like the Gallery is back also!!
There were three http replacements which needed to be done manually. That seems to also have brought back the Gallery.
I think we might be done with the forum software. I will monitor this topic for any problems a member runs into on forum operation.
NOTE: We have not yet implemented a fix so that the "mixed content" warning is removed from browsers. This warning occurs for image display. So that will be worked on next. But meanwhile all your logins and topic typing are now secure.
-
Thank you, for the nice and hard work :)
Looks nice now
-
You are very welcome. ;D
-
Andrea, ... what is your poison? Drink on my account
-
Everything looks fine. Thanks for your efforts.
-
Andrea, ... what is your poison? Drink on my account
I'll take you up on that next time I'm in Europe.Was sorry not to have been able to make it this year.
-
I'm now clearing up redirects.
-
Strange icons just now.
-
Andrea:
Galleries appear to have been fixed too!
Thank you!
(I feel a bit guilty in that I may have triggered all this extra work for you so I do send you my huge apologies for that.)
-
Andrea, as always, thank you for your effort!
The address bar in my latest Firefox indicates that the pages contain unsecured contents: the black padlock icon does appear but with the exclamation mark. A green padlock icon should appear on the secured website.
-
Ann, no apologies necessary! There really was very little for me to do on my own. The HTTPS installation was handled by the server provider Site5. The Simple Machines Forum team provided a script to upgrade the forum software. It was only left to me to locate a few instances of http which were not accessed by that script. Once I found those the Icons and the Gallery were fixed.
There are only a few odds and ends left to clean up. For example, redirects. We want to "force" HTTPS in case old links to the site are still in use so we will force a permanent redirect to https://nikongear.net/revival.
The only slow down in this HTTPS conversion happened because Birna and I have both been traveling. So we had more downtime in the conversion process than would normally have been expected while one or the other of us arrived somewhere we could communicate about the "next step".
-
P.S. The gold padlock will remain for awhile until user uploaded images can be secured. But logins and any other access are now safe and secure.
Also, the permanent redirects take a few days to trickle through the DNS servers. Until then it is still possible to land on what appears to be an unsecured website if you use the URL http://www.nikongear.com, for example. But when you click on any link after such a landing, you get the secure page (except for the images, as mentioned.)
-
All users might want to empty their browser caches. If you access an old cached page, you might still see some weird stuff until newer versions are cached.
-
OK, I think I have the Green Padlock now. Hurray!!
There was a setting for the Nikongear Logo at the top of the page which was difficult to find in order to change the path from http to https. There's always one very elusive URL that holds things up !!!!
-
Andrea:
Galleries appear to have been fixed too!
Thank you!
(I feel a bit guilty in that I may have triggered all this extra work for you so I do send you my huge apologies for that.)
Ann, 🍓, as long as you send a huge cheque also ... ROTFL
-
Nobody caused any extra work!! The forum software is rather extensive, so the switch to https could not happen all at one time. First the main forum was done, then the Gallery. And the modifications made to the forum in the "skins"/Themes are a third area -- where I'm still checking.
I did find something in a Theme this morning which needed a path repair (http --> https) which I'm currently trying to track down.
-
Andrea, as always, thank you for your effort!
The address bar in my latest Firefox indicates that the pages contain unsecured contents: the black padlock icon does appear but with the exclamation mark. A green padlock icon should appear on the secured website.
Yes, in my Firefox as well. A part of the site is not secure. Could be something very simple and tiny...
-
Yes, in my Firefox as well. A part of the site is not secure. Could be something very simple and tiny...
I have, but don't normally use, Firefox. Being curious, I launched Firefox just now, using the new htpps address, and I also got the black padlock w/exclamation added.
-
OK, I think I have the Green Padlock now. Hurray!!
There was a setting for the Nikongear Logo at the top of the page which was difficult to find in order to change the path from http to https. There's always one very elusive URL that holds things up !!!!
The Nikongear logo is still missing, at least on my Firefox. I tried Edge as well, and the result was the same (padlock with exclamation mark).
-
The Nikongear logo is still missing, at least on my Firefox. I tried Edge as well, and the result was the same (padlock with exclamation mark).
No logo on Safari either, but I've not seen any other issues with it.
-
The logo was there earlier today, in Safari, it is still on the iPad.
-
The logo was there earlier today, in Safari, it is still on the iPad.
Bent, did you clear the cache?
I tried Firefox and Edge on my Win 10 machine (the latest versions) as well as Safari on iPad (the latest).
On Firefox and Safari, the Nikongear logo is replaced with the existing block style fonts. On Edge, the "missing pict file" icon is shown. Both Firefox and Edge indicates the webpages contains unsecured data.
-
Bent, did you clear the cache?
I tried Firefox and Edge on my Win 10 machine (the latest versions) as well as Safari on iPad (the latest).
On Firefox and Safari, the Nikongear logo is replaced with the existing block style fonts. On Edge, the "missing pict file" icon is shown. Both Firefox and Edge indicates the webpages contains unsecured data.
The logo, using the new htpps address, appears in Safari on my iPad and my iPhone, neither of which I had not looked at earlier, but not on my Mac.
-
The logo, using the new htpps address, appears in Safari on my iPad and my iPhone, neither of which I had not looked at earlier, but not on my Mac.
Carl, which type of logo are you seeing? On my iPad Safari (accessed via the new https URL after clearing cache), I just see the logo of straight bold sans-serif type, not the familiar original one resembling the bold italic type.
-
Carl, which type of logo are you seeing? On my iPad Safari (accessed via the new https URL after clearing cache), I just see the logo of straight bold sans-serif type, not the familiar original one resembling the bold italic type.
San-serif type.
-
San-serif type.
That should be the same one as what I'm seeing currently. And that is not what is supposed to be displayed.
-
I don't see a padlock of any sort yet, nor the logo, see screenshot. I have never seen a coloured padlock, black only on any website I have ever visited.
I have cleared history, which is what I assume you mean by 'clearing cache', terminology varies form system to system... I used Andrea's link https://nikongear.net/revival and saved it in my bookmarks, I almost never shut my computer down and have a dedicated window for my regularly visited/current interest photography sites, which are accessed via tabs within that window.
I am running Mac OS 10.14.5 and the latest Safari on a 2014 iMac.
I just checked my iPhone (6s) ensuring I was using the correct https url and the logo is present but no padlock.
May I add my appreciation and thanks for the efforts to update the forum and keep it running smoothly. ;D
-
I see the same as Robert, and that is with a cleared cache.
-
I just did a test with Firefox on my Mac.
The difference can be seen on the screen shots
First Safari, next Firefox
-
I just did a test with Firefox on my Mac.
The difference can be seen on the screen shots
First Safari, next Firefox
My Firefox on Win 10 looks like your last capture only with the slightly different font for "Nikon Gear" logo, probably because of the difference of the fonts that the system has. The same padlock with the exclamation mark.
-
Yes, Akira, me too - and I am also on Firefox. In particular, the same dark grey padlock with the orange triangle containing the black exclamation mark.
My Firefox on Win 10 looks like your last capture only with the slightly different font for "Nikon Gear" logo, probably because of the difference of the fonts that the system has. The same padlock with the exclamation mark.
-
:-\
-
Okay, Safari is a bit different. In Safari, just go to the URL address pane and clock on it once, and you will see the new htpps address and an NG logo In that pane. Image below. Still no logo on upper left of the page face though.
-
Yes, the Logo currently has a problem! And I have not been able to find it yet!!
I will keep you all updated on the search.
-
The Logo problem does not occur with the Revival No Orange theme.
If you would like to test this theme, then click the change button as follows:
Profile > Modify Profile > Look and Layout > Current Theme: xxxxx (change)
When the theme selection window pops up, then scroll to Rev NoOrange and click [Use this theme].
-
I THINK I FOUND THE PROBLEM!! 8) 8) 8) 8) 8) 8) 8) 8) 8) 8)
Stay tuned. This will take a moment to fix.
-
Logo is now showing.
-
Yes, the logo is back!
The yellow triangle with the exclamation mark persists, though, unfortunately.
-
OK, the Logo has returned. Hurray!!!
The Logo disappeared because the SMF repair script skipped the update for the Logo image url.
THANK YOU ALL for the reports and the examples from different browsers. That is very helpful!
Again, I will monitor this topic for further reports of any problems.
-
Yes, the logo is back!
The yellow triangle with the exclamation mark persists, though, unfortunately.
No exclamation mark on Safari.
-
I have cleared history, which is what I assume you mean by 'clearing cache', terminology varies form system to system...
You need to go into Safari Preferences>Advanced>Check Show Develop Menu in Menu Bar.
This gives you a new Develop item in the Safari menu bar. You need to go into this and click on Empty Caches.
-
Remember to clear browser caches/history.
-
Well, what.the.heck........
I just brought up Safari and got a question mark in place of the Logo.
<giant eye-rolling groan>
-
oh DUH.
Of course I did not remember myself to clear the Safari history/cache.
I'm going to go get my iPad and see how everything looks there.
-
I notice on Safari that the yellow fade in the header goes in the opposite direction from the yellow fade as displayed in Firefox.
That's a strange one!
ADDED LATER: fixed that.
-
Logo and Fade are both looking good in Safari now.
I will try Firefox and report back if I see anything amiss.
-
I hate to frustrate Andrea (or any other moderators who would be involved with the transition), but the yellow triangle with the exclamation mark persists on my Firefox on Win 10.
I replaced the bookmark with the latest https one and I've just cleared the cache and restarted the computer.
On my iOS Safari, the padlock and the URL are displayed in black, not green.
In some other websites where the padlock is displayed in green on Win 10 Firefox, the padlock and URL are displayed in black on the same iPad Safari.
I don't know what causes the discrepancy...
-
In some other websites where the padlock is displayed in green on Win 10 Firefox, the padlock and URL are displayed in black on the same iPad Safari.
I don't know what causes the discrepancy...
I have spent a few minutes googling and it seems the green padlock on some browsers means the communications between client and host (internet browser user and website) are encrypted.
I also found this page, which is saying there will be a change of emphasis from confirming a 'safe connection' (with a padlock), to stronger warnings about insecure sites, once https websites become the norm, as I hinted in my first post on this subject.
https://www.cnet.com/news/say-good-bye-to-that-green-secure-lock-on-google-chrome/
I haven't actually found anything from Apple to confirm this but my expectation is that Apple will be following a similar path, given their trend towards minimalistic simplicity. I have yet to see anything other than a black padlock, definitely not yellow or green on my computers. Except on very rare occasions I only use Safari.
-
Andrea, a huge thank you from the rest of the NikonGear team! :-* Great work you do usually way in the background ;)
Well done!
-
Andrea, a huge thank you from the rest of the NikonGear team! :-* Great work you do usually way in the background ;)
Well done!
+1 :)
-
I have spent a few minutes googling and it seems the green padlock on some browsers means the communications between client and host (internet browser user and website) are encrypted.
I also found this page, which is saying there will be a change of emphasis from confirming a 'safe connection' (with a padlock), to stronger warnings about insecure sites, once https websites become the norm, as I hinted in my first post on this subject.
https://www.cnet.com/news/say-good-bye-to-that-green-secure-lock-on-google-chrome/
I haven't actually found anything from Apple to confirm this but my expectation is that Apple will be following a similar path, given their trend towards minimalistic simplicity. I have yet to see anything other than a black padlock, definitely not yellow or green on my computers. Except on very rare occasions I only use Safari.
Robert, thank you for taking time to investigate the issue and sharing the link. I've never used Chrome yet, but iOS Safari appears to behave according to the policy similar to that of Chrome.
-
Eric, thank you. I'm happy that I could help here at Nikongear. And it was good for me to learn more about HTTPS admin.
"The Green Padlock": I was using this term generically as is common with admin folk! Apologies for the confusion about what should appear on your browser. The primary thing to look for is that the Padlock should be locked and should not be overlaid with any warning symbol. The color of the padlock might be green, grey, black (or ?). It's possible it could be another colour depending on what browser theme one has chosen. I changed the news notification on the NG header to read "Green/Black/Grey Padlock". ;D
Akira, what is the status this morning (here in the Eastern US, that is) of your padlock? Is it still showing a warning? If so, then I'll try to track down what the problem is.
-
If you do happen to see a Padlock warning symbol, then you can help diagnose the problem. The following instruction is for Firefox. I'll try to find the instructions for other browsers and add them later.
Firefox Diagnose a Padlock Warning:
Padlock > Right Arrow > More Information > Media > Address > Look for http.
Click the padlock. On the popup, click the arrow icon on the right. On the next popup, click the More Information bar at the bottom. On the next popup window, click the Media button at the top. On the next popup window there is an Address box at the top. Scroll through that list and look for anything which has an http url rather than the secure https url. Copy/paste it to this topic so that I can look for the offending item.
-
If you do happen to see a Padlock warning symbol, then you can help diagnose the problem. The following instruction is for Firefox. I'll try to find the instructions for other browsers and add them later.
Firefox Diagnose a Padlock Warning:
Padlock > Right Arrow > More Information > Media > Address > Look for http.
Click the padlock. On the popup, click the arrow icon on the right. On the next popup, click the More Information bar at the bottom. On the next popup window, click the Media button at the top. On the next popup window there is an Address box at the top. Scroll through that list and look for anything which has an http url rather than the secure https url. Copy/paste it to this topic so that I can look for the offending item.
I checked it in my Firefox, but could not detect an http-link in the media. It's all https. The error is 'the page uses weak encryption'.
I checked my Chrome as well, and there the site is 'secured' :)
-
Here is what I see in Firefox.
-
I just ran GoDaddy's SSL Checker and it reported that Nikongear.net is secure.
-
Yes, mobile version gives the green lock, and now the desktop (PC) also !!
Sorry for the confusion !
-
No problem, John. It takes a while for everything to catch up to the HTTPS installation.
-
Excellent work Andrea!
For what it's worth Firefox seems to be fussing over the level of encryption and whether "other people may be able to view your Content"!
Well, yes — but isn't that the whole idea of showing our photographs here?!
NG isn't operating as a Bank!!
-
Andrea, sorry to say, this is the result I got from GoDaddy.
-
For what it's worth Firefox seems to be fussing over the level of encryption and whether "other people may be able to view your Content"!
I have not seen anything like this on my Firefox.Where do you see this fussing message?
********
Akira, that is not the result of an SSL Certificate check. That result is about the forum software over which I have no control.
-
Akira, that is not the result of an SSL Certificate check. That result is about the forum software over which I have no control.
Oh, I see. Sorry for my ignorance! The exclamation mark on the padlock in my Firefox still persists, though. I have cleared the cash and logged on every time I have tried to confirm if the padlock is green...
-
Is your browser up to date?
-
Is your browser up to date?
Yes, my Firefox on Win10 is of the latest version. I haven't updated my Win10 to the newest 1903 yet, but I always keep the security files up to date.
-
I found what I described as "Firefox fussing" somewhere deeply inside Mozilla where it was explaining what the padlock symbols signify.
This screen shot indicates that the NG encryption is "broken" so perhaps there is a problem with the certificate itself?
(https://nikongear.net/revival/gallery/0/1358-100819153423-732174.jpeg)
-
Ann, thank you for the screen shot! As I'm sure everyone realizes, I have no way to know how things look on every laptop/PC/mobile configuration. :)
If anyone else would like to check their Firefox Padlock, do this:
Click Padlock > Click Right Arrow (on the right of popup) > Click More Information (at bottom of popup) > Click Security Button (at top of window)
Now, interestingly, here is what I get from my Firefox Padlock which is different from what Ann is seeing. I do not know why.
Ann, try this: Log out of Nikongear. Clear Firefox browser history/cache/cookies. Then log back into Nikongear and recheck the Padlock.
-
Akira, I haven't forgotten you!!! This morning I'm going to use a Windows 10 machine to try to figure out if there is some small piece of forum software which is escaping https. The typical cause is that the path to a png, bmp or jpg file was not updated by the https repair script.
-
YES!!! I do see the yellow warning symbol on our Windows machine. And I also see the warning Ann posted about "weak encryption".
So I'll investigate this.
ADDED: I'm skipping over the details as I report this. For anyone who's into security, our Windows problem is in the area of Transport Layer Security and the current TLS standards.
Although the very strange thing is that this is a problem on Firefox-on-Windows and not in Firefox-on-Mac. Way weird.
-
I am glad that the screen shot helped.
Incidentally, my Mac records screen shots as PNGs but I had to re-save it as a JPG before my NG Gallery would show it.
It might be useful if Galleries could accept PNGs?
But only when you have nothing else to do!
:)
-----
I have just taken a look at the equivalent FireFox notice for my own site and I spot a difference in the "Verified By:" entries.
Mine says: Verified by: letsencrypt (the company which provided my certificate);
but the equivalent entry on the NG site says: Not Specified.
That might be why FF reports it as "Encryption Broken"?
-
Yes, that is one part of the mystery! It looks as though the Certificate isn't being recognized somehow.
Originally PNGs were not permitted due to size restrictions. But I will check on this later.
-
Andrea, thank you again (and again) for your effort!
As of typing this particular reply, I'm logging in from Edge on the very same Win10 machine. The padlock appears in the same way as, say, in Facebook or Amazon, indicating that the NG is secured.
So, I have kind of confirmed that the problem seems to be unique to Firefox on Win10.
-
my Mac records screen shots as PNGs but I had to re-save it as a JPG before my NG Gallery would show it.
Ann: This may help customise your Mac to more sensible settings. I find it invaluable, it sits alongside the official 'System Preferences' in my dock.
https://www.bresink.com/osx/TinkerTool.html
-
Seapy:
Thank you.
At one time I had re-configured my System Settings through Terminal so that screen shots would save as JPGs but nowadays PNGs are acceptable just about everywhere so now I just leave it to save PNGs.
(Posting in NG just now was the first time that posting a PNG has been an issue.)
One can also use Terminal to change the format to which a screenshot is saved by typing:
defaults write com.apple.screencapture type jpg
You can use the suffix for whatever format you want instead of the "jpg" in the above example.
-
I am glad that the screen shot helped.
Incidentally, my Mac records screen shots as PNGs but I had to re-save it as a JPG before my NG Gallery would show it.
It might be useful if Galleries could accept PNGs?
But only when you have nothing else to do!
:)
-----
I have just taken a look at the equivalent FireFox notice for my own site and I spot a difference in the "Verified By:" entries.
Mine says: Verified by: letsencrypt (the company which provided my certificate);
but the equivalent entry on the NG site says: Not Specified.
That might be why FF reports it as "Encryption Broken"?
Screen shots can be converted to .jpg format by opening them in Preview (default for Dropbox). The path is preview/file/export then change to desired format and save. This offers more flexibility than resetting the default via the Terminal.
-
Yes, using Preview is another way to do it if you need to.
However, PNGs work very well for me and are accepted on their sites by the companies for whom I beta-test software which are where I have the most need to post screen shots.
-
So, I have kind of confirmed that the problem seems to be unique to Firefox on Win10.
Yes.
And this is strange. But I'm now thinking it might have something to do with Windows Certificates updates. Not sure yet.
We might also need an update to our Apache configuration. Not sure I can access that, but will check.
-
Yes, using Preview is another way to do it if you need to.
However, PNGs work very well for me and are accepted on their sites by the companies for whom I beta-test software which are where I have the most need to post screen shots.
That was sort of my point. Leaving the default as is allows you to continue with PNGs, or use
-
Firefox on Win7 shows the same issue as Akira reported for Win10.
Our SSL certificate provider is Sectigo.
-
and also USERTrust RSA Certification Authority
and AddTrust External CA Root
-
I ran a deep check. Our certificate is trusted by Mozilla, Apple, Windows, Android and Java.
-
Firefox on Win7 shows the same issue as Akira reported for Win10.
Our SSL certificate provider is Sectigo.
Just checked the SSL certificate on Sectigo's own checker. As expected, it is valid and not expired.
-
At this point I'm going to have to write a Support Ticket at Site5 to get the Apache configuration checked. I cannot access that. This will take a few days. Hopefully we can turn off old TLS in the Apache config and only use the latest.
-
I also have Akira's issue with Windows 10 using firefox. I have cleared the cache and re logged on. Other sites I visit show the green padlock.
Cheers
-
Our "sister site" ultravioletphotography.com, which also recently saw a change to HTTPS with Andrea's help etc., displays the Green Padlock as expected. Firefox on Win7 & 10 & Linux.
-
Our "sister site" ultravioletphotography.com, which also recently saw a change to HTTPS with Andrea's help etc., displays the Green Padlock as expected. Firefox on Win7 & 10 & Linux.
In the UV sister site, a nice green padlock is displayed on the very same Firefox that shows a black padlock with exclamation mark in the orange triangle.
-
Our "sister site" ultravioletphotography.com, which also recently saw a change to HTTPS with Andrea's help etc., displays the Green Padlock as expected. Firefox on Win7 & 10 & Linux.
While they may prefer Firefox, Mac users can use Safari or Chrome instead. Then once the FF issue is fixed they can switch back to it.
-
I don't use Mac.
-
I don't use Mac.
No, you don't. but some others do, which is why I said that. FF has the same problem on my Mac as it does on PCs, but I don't use FF anyway. so for me it's a non-issue.
-
I don't normally use Firefox but there is reason not to continue to use it if it is your regular browser because it will still connect you to NG even though you may see the exclamation icon in the address line for the moment.
-
I don't normally use Firefox but there is reason not to continue to use it if it is your regular browser because it will still connect you to NG even though you may see the exclamation icon in the address line for the moment.
I agree, but some folks, are nervous about FF, and using other browsers will circumvent the problem until FF is fixed.
-
I use Firefox on my main machine (PC) simply because of its simpler and less pushy user interface. Even though the black padlock with the exclamation mark persists, I would continue to use it.
Basically I'm reluctant to install more than one kind of software for the same purpose, so I would see if the UI of Edge would become better when it will be based on Chromium.
On my Mac and iPad, which replaced my Mac, Safari is just fine for me.
-
If the only complaint by Firefox is "weak encryption", then I think you can feel secure enough to use Firefox until we can find out what might be causing that message. Weak encryption is still encryption!! So transmission between your browser and the server and between the server and your browser is protected.
Luckily I live in a place where security doesn't seem to matter too much: I never lock my car; only lock my house if I am actually going to be away; and have friends in the area who tell me that they don't even know where their house key is!
Ann, are you aware just how easy it is to pinpoint where someone is living in an unlocked house? I would most definitely never never never advertise lack of security on an open forum.
PNG is turned on. Let me know if there are any problems uploading PNGs.
-
I'm online now with Site5 to discuss the "weak encryption" problem in Firefox.
-
update: We do have the highest level security protocol TLSv1.2 enabled. However, it is possible that the weaker protocols have not been disabled. Enabliing one does not automatically disable the other.
-
Site5 will be working on this. I'll update here when I have any info. 8)
-
Note: While we are waiting for the disabling of weak protocols.....
As the end user, please make sure you are using a browser version which supports security protocol TLS 1.2. I doubt anyone is still using browsers or mobile platforms which are so out-of-date that they don't support this. But I did want to make a note about it.
-
And so we hit a snag.
Our server, Site5, refuses to permit the most secure protocol unless a new hosting plan is purchased. Thus the matter has escalated very much beyond my "pay grade", as they say*. It doesn't all quite make sense to me because we do have some browsers happily performing quite securely.
I will refer everything to Birna and the Crew at this point.
I think you are safe enough entering your passwords under weak encryption. Or set up another browswer for NG temporarily until the matter has been resolved. The safest browser of all is Tor, in case anyone might like to try that.
*Just a little joke about the pay grade. I receive no pay, nor would I want to for those few tasks I perform for NG to help out my friends.
-
,,,,I think you are safe enough entering your passwords under weak encryption,,,,
I believe we are quite safe ;) Thank you!
-
I am getting an error accessing Nikongear since today, in Firefox i can workaround the issue, but in Opera its hassle where the error page appears every time you click.
-
We just returned to operational state after a database corruption issue was fixed. Perhaps deleting your NG session cookie and logging in again would help?
-
Cleaning browser cache, log-out and restart solved the issue.
-
Glad to hear.
-
Thanks for the support.
-
If any encounters safety issues (site claimed to be NOT SAFE or similar), do the following:
- Log out from Nikongear
- Clear the Nikongear session cookie (it's just a single one, see instructions for your browser how to delete a cookie)
- Log in again
That should solve the security issue.
-
Have experienced the same issue, but can access again now without clearing the cache or logging out and in.
Thank you for the effort.
-
I get a lot of "site is not secure, hackers may steal your data"
-
If any encounters safety issues (site claimed to be NOT SAFE or similar), do the following:
- Log out from Nikongear
- Clear the Nikongear session cookie (it's just a single one, see instructions for your browser how to delete a cookie)
- Log in again
That should solve the security issue.
thank you. clearing browser data solved it
-
I have logged off, cleared cache, login , a couple of times
site shows as not secure
-
Same here, on my Win7 system I am still getting the red Not secure warning in Chrome after following the direction to log out and delete the site cookies. It still reports that the certification is invalid in the info displayed when I click the red text.
Same problems in Chrome on my Android Phone.
I can access the site if I ignore the warnings.
-
My Firefox was giving the following diagnostic: "Certificate is not in the same domain as the site" (sthg like that). I solved by adding the certificate to list of exceptions, and now there are no more issues. It is probably related to the system restore that Birna mentions.
Ciao from Massimo
-
My Firefox was giving the following diagnostic: "Certificate is not in the same domain as the site" (sthg like that). I solved by adding the certificate to list of exceptions, and now there are no more issues. It is probably related to the system restore that Birna mentions.
Ciao from Massimo
Same here. Once I gave permission it is working as usual. I wonder about people coming to visit for the first time: it is not a nice welcome...
-
same here,
but problem solved a few minutes later without clearing the browser.
It's al fine now
-
I did not have to make an exception for the certificate. Probably there are tiers of cached copies of the actual web pages throughout the 'net including local caches for your ISP. Eventually they will be reloaded to reflect the new situation.
-
I remembered that I had to add the certificate to the exception. When I cancelled the exception, the warning message was displayed again, saying that the certificate is not valid. I use the latest Firefox on the latest Win10.
Also, Safari on iPad warns that the connections is not private and that this website is suspected to be fake with the purpose to steal private data.
-
No issues here in Safari after clearing the history.
-
No issues here in Safari after clearing the history.
it might be more than Cookies. I cleared the whole browser too, Chrome (WebKitEngine as Safari) on Android 9
-
I was having problems with another site, in addition to NG, yesterday so I cleared my cache and cookies too.
All is well now!
-
I wonder if Firefox is overly restrictive compared to other browsers? The Safari on my 3rd-gen. iPad Air with the latest iOS12 also displays the same kind of warning.
-
I wonder if Firefox is overly restrictive compared to other browsers? The Safari on my 3rd-gen. iPad Air with the latest iOS12 also displays the same kind of warning.
I found Opera a lot stricter.
-
I had the same problem as others, with Safari.The browser showing the "not private sign" when coming into NG or a garbled site when coming with my fave... Thanks to Fons, I went forward and managed to log out and clear my history .
At this instant I logged back in and all looks like before... Phew !
-
On my iMac running Mojave I had this a couple of days ago. it wouldn't load the NG site from any of my bookmarks, so I overrode the warning, signed my life away according to the warnings and told Safari to get on with it. I did not delete cookies or reset the browser.
Everything is still working as expected this morning.
If I stop posting, it was a fatal mistake, though I doubt it. Nagging-nanny software more like.
-
Same issue everyone else is having, both on my mac mini running Chrome and ipad. I’ll check at work later to see whether it is an issue on my work computer running Windows 10.
-
With Chrome / Android it was much easier to solve that than with Firefox / Windows.
-
I found Opera a lot stricter.
Do you also have to set NG as exception to access on Opera?
With Chrome / Android it was much easier to solve that than with Firefox / Windows.
Did you just clear the cache and logged in again?
-
If any encounters safety issues (site claimed to be NOT SAFE or similar), do the following:
- Log out from Nikongear
- Clear the Nikongear session cookie (it's just a single one, see instructions for your browser how to delete a cookie)
- Log in again
That should solve the security issue.
There was two cookies. Removing them didn't solve anything for me.
-
I also had to add an exception.
Win10 Firefox.
Cleared the exception, warning comes up.
Clear cookies .. no real change.
Did the log out/log in routine .. same results.
The warning I see tho is not about certificate, FF says 'weak encryption'
Click on the yellow triangle warning where the https green lock should be, and it opens the dialogue box.
It just says, 'the connection is not secure, this page uses weak encryption'
-
According to our site provider, nothing is wrong with the certificate.
When Andrea has finished her move to New Mexico, I'll ask her to investigate.
-
Do you also have to set NG as exception to access on Opera?
Did you just clear the cache and logged in again?
I resolved the issues right away with above operations, initially i noticed Opera was very strict, maybe thats why i like it.
-
I resolved the issues right away with above operations, initially i noticed Opera was very strict, maybe thats why i like it.
Fons,
does it show as secure ?
I no longer get the warnings but is says the site is not secure and shows the certificate as invalid
-
Opera reads :
Security overview
This page is not secure (broken HTTPS).
Certificate - missing
This site is missing a valid, trusted certificate (net::ERR_CERT_COMMON_NAME_INVALID).
View certificate
Resources - all served securely
All resources on this page are served securely.
Connection - obsolete connection settings
The connection to this site is encrypted and authenticated using TLS 1.0, RSA, and AES_256_CBC with HMAC-SHA1.
TLS 1.0 is obsolete. Enable TLS 1.2 or later.
RSA key exchange is obsolete. Enable an ECDHE-based cipher suite.
AES_256_CBC is obsolete. Enable an AES-GCM-based cipher suite./revival/index.php?topic=8752.msg146813;topicseen#msg146813:1 The connection used to load resources from https://nikongear.net used TLS 1.0 or TLS 1.1, which are deprecated and will be disabled in the future. Once disabled, users will be prevented from loading these resources. The server should enable TLS 1.2 or later. See https://www.chromestatus.com/feature/5654791610957824 for more information.
-
Fons, thank you for the details.
On Firefox, the orange triangle has never disappeared since the site had become https and warns basically for the same reason as Opera indicates.
-
...
TLS 1.0 is obsolete. Enable TLS 1.2 or later.
....
thank you Fons, great detail
we had to do this at work with the multiple servers my team supports
-
https://knowledge.digicert.com/generalinformation/INFO3299.html (https://knowledge.digicert.com/generalinformation/INFO3299.html)
-
Today I had to run through the same procedure again (Windows 10, current Firefox x64), although it seemed to have worked yesterday...
Plus I get the organge triangle with the statement the encryption is weak and defective (TLS 1.0)
-
We happen to know the root of the alleged problem is with our server. However, unless Andrea can escape from her moving duties, (from New Jersey to New Mexico) we simply don't have the "manpower" to deal adequately with the padlock issue.
-
Opera reads :
Security overview
This page is not secure (broken HTTPS).
Certificate - missing
This site is missing a valid, trusted certificate (net::ERR_CERT_COMMON_NAME_INVALID).
View certificate
Resources - all served securely
All resources on this page are served securely.
Connection - obsolete connection settings
The connection to this site is encrypted and authenticated using TLS 1.0, RSA, and AES_256_CBC with HMAC-SHA1.
TLS 1.0 is obsolete. Enable TLS 1.2 or later.
RSA key exchange is obsolete. Enable an ECDHE-based cipher suite.
AES_256_CBC is obsolete. Enable an AES-GCM-based cipher suite./revival/index.php?topic=8752.msg146813;topicseen#msg146813:1 The connection used to load resources from https://nikongear.net used TLS 1.0 or TLS 1.1, which are deprecated and will be disabled in the future. Once disabled, users will be prevented from loading these resources. The server should enable TLS 1.2 or later. See https://www.chromestatus.com/feature/5654791610957824 for more information.
thank you, Fons!
-
I had a brief problem, just told Firefox to make a certificate exception, which shows now on the URL bar. It works fine this way. I will try at some point soon to unexcept it and see what happens next, but I'm trusting that the Nikongear folks are not going to sneak in and steal my stuff.
-
but I'm trusting that the Nikongear folks are not going to sneak in and steal my stuff.
That remark leads me to believe that you're under the wrong impression about this situation. NG folks were never suspected of anything untoward, a point that needs to be made.
-
That remark leads me to believe that you're under the wrong impression about this situation. NG folks were never suspected of anything untoward, a point that needs to be made.
yes, Carl, true: because encryption is weak or non existent anyone can read what is send or received in principle
-
What exactly do I have to do to stop seeing this?
(https://live.staticflickr.com/65535/48797124601_05b83b962d_o.jpg)
-
Accept as an exception.
To prevent a misunderstanding: our server does run with the https security protocol, but not at the highest level of TLS (so far). This is what triggers the warning.
-
Accept as an exception.
To prevent a misunderstanding: our server does run with the https security protocol, but not at the highest level of TLS (so far). This is what triggers the warning.
Thanks, could you please tell me how to do that? I use Firefox.
-
Click on
I understand the risks and wish to continue
-
I don't find where I can accept the risk and click that. I am on a PC with Chrome browser. Any help appreciated. Otherwise, my every keypress initiates all of this bothersome stuff.
-
Click on
I understand the risks and wish to continue
Hi Fons, I have been doing that, but I have to do it each time I come back to NG.
Is there someway to accept permanently?
-
Hi Fons, I have been doing that, but I have to do it each time I come back to NG.
Is there someway to accept permanently?
A detailed procedure was mentioned in this thread,
simply log out of Nikongear, clear browser caches,
a program like CCleaner will easily take care of that, restart and log in to Nikongear.
I don't find where I can accept the risk and click that. I am on a PC with Chrome browser. Any help appreciated. Otherwise, my every keypress initiates all of this bothersome stuff.
Michael, cleaning browser history and clearing the cache within Chrome shall not be all that different.
-
I am still bothered with this at the top, goes away, and then it shows again :o
-
The DB corruption message is the one that should be displayed. The fact you see different sometimes is an indication the data stream to your browser is being cached here and there. Old stuff might prevail and not being properly flushed from the caches.
-
Thanks done.
-
I get certificate errors with all my browsers. All offer a "proceed anyway" option (Edge, Chrome, Internet Explorer and Firefox). But no way to make that "sticky" that I have found.
-
I put in a security exception for Firefox, which seems to be sticking.
-
I put in a security exception for Firefox, which seems to be sticking.
Could you please be so kind to explain how one does this?
I cleared the cache and that worked for a little while, but now the warning has returned :(
-
Could you please be so kind to explain how one does this?
....
Try this:
In FF, go to the options page(small gear looking icon).
In the Options page, on the left hand side, click on privacy & security. Scroll down to bottom and look for the certificates area.
Click the [View Certificates] box, which will pop open a new sub-window.
There are 4 tabs across the top, click on the Servers tab.
You will then see a list of certificate servers, scroll down to find the one labelled:
"Secticgo Limited ..... *.accountservergroup.com ..... nikongear.net:443"
If it's not listed, then at the bottom edge of the window is a button to create an exception.
When you click on it, it will open a dialogue box with https:\\ already set, you add in nikongear.net to complete the address field.
One of a few things may happen:
If the nikongear certificate is listed in the server list, it may already be valid and verified .. so no need to do anything.
(this is what mine says now)
If for some reason yours doesn't show the certificate valid, then on entering the required data, the add exception box should enable itself, allowing you to add an exception.
Another option: if you have the certificate listed on the servers list, click on the *accountserver line and delete it, and run through the [add exception] routine again.
Also note, to make it permanent there is a tickbox to do so at the time of adding the exception.
Hope that helps.
-
Try this:
In FF, go to the options page(small gear looking icon).
In the Options page, on the left hand side, click on privacy & security. Scroll down to bottom and look for the certificates area.
Click the [View Certificates] box, which will pop open a new sub-window.
There are 4 tabs across the top, click on the Servers tab.
You will then see a list of certificate servers, scroll down to find the one labelled:
"Secticgo Limited ..... *.accountservergroup.com ..... nikongear.net:443"
If it's not listed, then at the bottom edge of the window is a button to create an exception.
When you click on it, it will open a dialogue box with https:\\ already set, you add in nikongear.net to complete the address field.
One of a few things may happen:
If the nikongear certificate is listed in the server list, it may already be valid and verified .. so no need to do anything.
(this is what mine says now)
If for some reason yours doesn't show the certificate valid, then on entering the required data, the add exception box should enable itself, allowing you to add an exception.
Another option: if you have the certificate listed on the servers list, click on the *accountserver line and delete it, and run through the [add exception] routine again.
Also note, to make it permanent there is a tickbox to do so at the time of adding the exception.
Hope that helps.
Thanks Arthur for that detailed and terrific step by step walk through. It was like following a teaching aid and worked perfectly.
Thanks mate!!!!!
-
my Android tilted again, a new exception....
-
Funny, I 'proceeded anyway' just once in Firefox yesterday and there have been no problems since. No clearing of caches or anything of that sort. Mystery...
-
Error.
-
error
-
Funny, I 'proceeded anyway' just once in Firefox yesterday and there have been no problems since. No clearing of caches or anything of that sort. Mystery...
I had already cleared the cookie and re-logged in to NikonGear a few days ago, all was working fine again as far as early morning (NZ time). Then mid morning I had the same problem again. I cleared the cookie again, re-logged in, still wasn't quite right, "proceeded anyway" and it has been fine so far... (using Chrome)
-
Up till today, I'd not been on NG since I first got the security warning.
I'm rather surprised there isn't a "sticky" post covering the latest status of this issue.
Do we have an ETA when people will no longer see the security warning?
I'd have thought this could impact potential new members from visiting?
-
I see now that if we choose to "accept the risk" the warning message no longer appears the next time you try to access the site
Is this why people seem so relaxed about this issue?
-
I see now that if we choose to "accept the risk" the warning message no longer appears the next time you try to access the site
Is this why people seem so relaxed about this issue?
right, if the site is not going to be secure anyway why keep using https and have to accept the risk by clicking extra screens every so often it is becoming annoying
-
I still get the occasional database information, the caches around the world should have been flushed by now, so maybe something is still amiss.
-
n this laptop with Win 10 and Firefox, if I cancel the security exception, I can get on the main page all right but as soon as I open a sub forum I get the certificate message again and must re-institute the exception.
I just tried logging in on an Android phone which has never been used for this before, and immediately got the message that the site is not secure and someone might be stealing my information and so forth, even from the opening page. Definitely not cache or cookies there.
I hope it gets straightened out eventually. Until then I'll just have to trust that Birna is not going to sneak in here and steal my stuff!
-
Birna is not interested. Hopefully Andrea will have completed the move from Middletown, New Jersey to Santa Fe, New Mexico within the middle of the month and be able to turn her boffin capabilities onto the problem. Which, in fact, we know a lot of underlying causes for, but our hands are tied at present.
Do remember NG runs https and the only information needing encryption, viz. the login, is protected even though a browser won't recognise the TLS level of our server.
-
Terrible problems in UK ...Certifications don't match etc ..data being stolen etc can only log in against advice of server.
-
In a list of messages, there is a little icon on each post to indicate NEW. this icon is not loading for me, showing as broken link.
-
Try flushing your browser cache.
-
In a list of messages, there is a little icon on each post to indicate NEW. this icon is not loading for me, showing as broken link.
This is still broken for me, i have done various clearing, private mode, different browser. I don't think the issue is on my end.
-
It's puzzling. The icon indicating new (unread) posts shows on all machines I have tried so far.
Initially there were some broken links, but they silently vanished over time.
-
This is still broken for me, i have done various clearing, private mode, different browser. I don't think the issue is on my end.
Same here, no flushing of the cache works for me, the New icon remains broken (Chrome).
I tried an incognito window, but my login does not work. It seems to recognize the user name, but I have tried all likely password combinations. Same with login on my phone. I wonder if that has something to do with the Norwegian characters in my user name?
Password recovery does not work (as reported, the email notification is broken), so I cannot reset the password. If I somehow get logged out on my main browser (luckily it has stayed logged in for now...), I will be lost.
I have checked that nkongear.net resolves to the new ip number on the nameserver here.
-
There are some issues to be sorted, obviously. There are still name servers out there that serve the old IP, but their occurrence is on the wane.
I'll start over the weekend to look into getting the mail service going again.
For those having issues logging in, please notify me by email (post @ natur foto graf . com) so I can reset lost or unusable passwords. I'll do a test log in to check everything works. Don't be alarmed, I'll refrain from posting any stuff on your behalf :)
If we experience further character set issues, I might have to alter the login name -- but of course will keep the screen name of each member affected.
-
Finally, after the last upgrade I am able to log in again with the password I thought was the correct one to begin with (so not getting senile yet after all ;D ). However it took clearing the browser cache before it worked. The password recovery that I tried before that did not work, and now that my login is working I do not wish to try again.
-
We have had issues with email/notification delivery, however the last obstacle of getting emails to gmail.com apparently now is defeated after I stepped up default server security setting to TLS1.2.
There was also a change of forum language to properly support UTF-8. That might trip up passwords with Nordic characters in them.
-
The second page of January 2020 thread is not completely secured (the padlock is displayed with that orange triangle):
https://nikongear.net/revival/index.php?topic=9124.15
The orange triangle appears only in this second page. Other pages (like the first page of January 2020 thread) are secured and no orange triangles are shown.
I'm not sure if this is related to the image(s) linked from outer website...
-
We might have to adjust our .htaccess file to enforce https only. Strange still, as the linked images on that page (second in the January 2020 thread) do follow the https protocol
-
Currently when I browse the site all is fine, BUT:
I get a security warning on pages with extrenally linked pictures, just like Akira
-
The page(in the January 2020 thread) showing a broken padlock had a remotely linked image originating from 500pix. That site is listed as suspicious due to a recent password breach.
-
When the site went down back in fall I got notices for a while that it was under repair, then suddenly it just would not come up at all, just timing out. I finally got around to emailing Richard Haw, who said it was up and running, so I finally got around to trying to troubleshoot. Something somewhere put the Nikongear URL in my hosts file. Glad to be back, and will now see what happens whey I open pages with pictures.
-
again ssl defunct...
-
Well, you *did* access the NG site through the http protocol, *not* https. So response was as called for in terms of security.
We do have a redirect from http to https somewhere, but obviously one still can slip past that measure.
Perhaps the update of our SSL certificate this July have influenced the redirect opportunities? I'll have a peek if I can get some time off from other chores.
-
Hmmm. Looks like the updated new SSL certificate only works as we thought for direct https-based access. So add the "s" and you'll be just fine, Frank.
Http on its own is inherently 'unsafe' so should not be used for any web site where you log in or post contributions. Our automated redirect should take care of that if the wrong protocol is applied, but unfortunately it appears not to work at present. We probably have to invest in an additional SSL certificate for this so the autoswap http->https again becomes operative.
Where are our supporters when we need them? Please sign up as a supporter if you haven't already done so. Running NG is not cheap and we need a basic foundation of supporters to keep the site afloat.
-
I received a strange error from my anti-virus program when I tried to access thread 9905 posted by Randy Strout.
Trend Micro prevented opening the thread, posting that it held a phishing algorithm.
None of Randy's other threads showed the same issue. Since I didn't want to override Trend Micro I couldn't see if the thread contained a normal post by Randy or if it was a copy from another source.
May be worth a look by someone with more tech savvy than I have.
-
Trend Micro
Get rid of that rubbish.
On current OSes all those 3rd party AV products actually increase your risks (check their CVE entries, Yuck).
Use a decent JavaScript Blocker in your Browser and the AV tools included natively in the OS.
cheers
afx