NikonGear'23
The NikonGear Office => Site Issues => Topic started by: k0dlo on November 01, 2019, 21:43:51
-
I have been away from the site for a while.
This had me stumped, but found my way into the portal.
Any fix?
Dennis Owings
USA
This site is not secure
This might mean that someone’s trying to fool you or steal any info you send to the server. You should close this site immediately.
Go to your Start page
Details
The hostname in the website’s security certificate differs from the website you are trying to visit.
Error Code: DLG_FLAGS_SEC_CERT_CN_INVALID
Go on to the webpage (Not recommended)
-
The current certificate has been issued generically to accountservergroup.com, which represents the company hosting our server. There is a glitch in the configuration and we intend to solve that and some other issues by acquiring a new server in December. Until then, just make an exception for NG and all is fine. The site does run the https protocol.
-
The same issue for me with Iphone and ipad
I locked out in a way (forgot the pass) retrieve the pass from the phone and I am back
-
Perhaps it's an idea to apply for a free https://letsencrypt.org/ (https://letsencrypt.org/) certificate for the time being - and get a new one once the server is moved? 8)
The problem with non matching certificates is that the visitor has abolutely no idea whether that certificate really belongs to your website or whether the website is hacked :-\ and somebody tries to impersonate the site with a different certificate (which means compromised session and risk of data and privay loss :-[ ). It was only after I found this thread that I decided to register after all as at least you claim the certifiacte is authentic - but please note you cannot claim nor guarantee that nobody else has access to the https session as it's apparently a generic certificate where the hoster as certificate owner will automatically have access to the session too! Not very wise in the 21st century, certainly not in the post Snowden era...
-
I agree completely. But we have to be pragmatic here. Our esteemed boffin, Andrea, is deeply entrenched in her moving house 2000 miles across the US of A. I'm racing against time to meet the deadlines of a bunch of papers I'm committed myself to deliver (and already been paid for :( ). Thus our hands are tied at present.
What we *aim* to do is moving to a new server in December. That should solve the issues. There will be a few days' downtime, but near Christmas time most people seem to be otherwise engaged anyway.
The actual login is the only place on the site where encryption and security are essential. Everything else really doesn't require https. So stay logged in ....
-
I agree completely. But we have to be pragmatic here. Our esteemed boffin, Andrea, is deeply entrenched in her moving house 2000 miles across the US of A. I'm racing against time to meet the deadlines of a bunch of papers I'm committed myself to deliver (and already been paid for :( ). Thus our hands are tied at present.
What we *aim* to do is moving to a new server in December. That should solve the issues. There will be a few days' downtime, but near Christmas time most people seem to be otherwise engaged anyway.
The actual login is the only place on the site where encryption and security are essential. Everything else really doesn't require https. So stay logged in ....
Nice to know that, Birna. The new "certified" sever should be a nice holiday present for us!
-
never mind
-
In the near future NG will move to another, fixed, IP address and we should then be able to produce the correct certificate configuration.
-
Something got fixed because I have been unable to log on in a while. I tried 3 different browsers on a Mac - Either got a plain text (in various fonts and colors on white background) page with no actual working links (links led to error message) or was stopped before hitting the main page. Got various messages depending on browser making it sound as if the site was sacked - at least one wording was like that given above. Glad to be back!
-
Everything came to normal.
No more ''unsecure site'' warnings !
Thanks, Birna !
:)
-
Yay fixed !!!!!
Thank you!!!!
:) :)
-
My Linux boxes now run NG normally, whilst the Windows ones drag their feet. Probably wise to clear out any caches or cookies associated with NG.
I expect the situation to improve in the near future as various cache tiers word wide expire and are refreshed.
We still might need to upgrade our server OS, but for now the security issue seems to be taken care of.
Thanks go to members and supporters alike for their patience in this matter.
-
Many thanks Birna.
NG is behaving well again, I got a 404 earlier so guessed something was happening.
-
My Windows machines now run NG normally as well. Time to move on to the pile of unprocessed files floating around :)
-
Thanks
Glad things are back up and working for me 8)
-
Unfortunately, I still see this annoying orange triangle with the exclamation mark. The Firefox on Windows 10 is unforgiving...
I will wait either for the completion of the migration to another server or for the Edge browser to be chromium-based.
-
Unfortunately, I still see this annoying orange triangle with the exclamation mark. The Firefox on Windows 10 is unforgiving...
I will wait either for the completion of the migration to another server or for the Edge browser to be chromium-based.
"This site uses defect, weak encryption" me too ...
-
We are fully aware of that issue.
Unfortunately, getting it solves involves more than just obtaining a fixed IP address. Hopefully we will move NG to an updated server later, in December, that should improve our encryption ability to TLS 1.2.
-
interestingly my Chrome on Android is perfectly happy with your Configiration.
No, not perfectly: the site certificate makes it, but Transport Layer Security 1.0 not
Firefox on Windows 10 is very unhappy still
-
Firefox will complain until mid December at least :)
What we needed to get rid off, as soon as possible, was the security warning preventing people from accessing the site.
-
Chrome and Edge is working well, it shows the certificate is valid
Win10 machine
-
Trying to get into NG with "chrome" browser gets me this:
404 Not Found
The server can not find the requested page:
nikongear.net/revival/index.php (port 443)
Please forward this error screen to nikongear.net's WebMaster.
-
You might have stuff in the browser cache, *or* earlier made an exception for the site certificate. If the latter, clear it and you're back in business. For the former, flush out the cache and try again.
I did test Chromium with NG on various Windows and Linux boxes and all went well.
-
I still cannot access the site using Safari on my iMac. I can using Firefox. And I can using Safari on my MacBook Pro.
Both devices are running Catalina and are up to date.
On the iMac I get the same message as golunvolo.
I have cleared caches, cookies and history, shut down, restarted, several times.
I made an exception for the site certificate when the https problem arose earlier, but I do not know how to remove the exception. None of the certificates in my Keychain seems relevant.
Assistance would be appreciated.
-
Have you tried using the new IP address (162.210.51.81) ?
-
Have you tried using the new IP address (162.210.51.81) ?
Thanks, I did not know of this and just tried it. Unfortunately I had the same result as before (the one reported by golunvolo).
It is very strange that one of my computers has no problem and the other does.
-
Hi there,
Hi again
Still having problems with the access to the site with both Chrome and Firefox. Only the private browser “Tor” allows the access. I have erase the previous certificate but it
either shows now the site on the attached image or the “404 Not Found” message when using the new ip address: 162.210.51.81
Any other ideas?
Thanks for your help
Paco
-
Why use IP address?
To read new messages I just link to https://nikongear.net/revival/index.php?action=unread, and it is working without a hitch in Chrome on Win7 (black padlock as always). https://nikongear.net works too of course.
-
My issue on one PC was caused by this 'old' hack ::)
If you made changes last time we had issues in 2016, you might want to remove or replace these,,,
Windows
You will need to edit this file with Notepad:
c:\windows\system32\drivers\etc\hosts
First change the rights to edit the file by right clicking on it and set the security to allow all access.
If these two lines are at the bottom of the file delete them and save the file.
162.210.51.116 nikongear.net
162.210.51.116 www.nikongear.net (http://www.nikongear.net)
From the command line type this and hit Enter:
ipconfig/flushdns
Or reboot
Mac
http://www.mactip.net/how-to-edit-the-hosts-file-on-a-mac/ (http://www.mactip.net/how-to-edit-the-hosts-file-on-a-mac/)
-
Why use IP address?
To read new messages I just link to https://nikongear.net/revival/index.php?action=unread, and it is working without a hitch in Chrome on Win7 (black padlock as always). https://nikongear.net works too of course.
When I use that on Safari on my iMac, I get the same 404 error as before.
It works fine on my MacBook Pro on Safari.
Computers :'( :'(
-
Try using a 'ping' from the command line to see whether the machine resolves nikongear.net to the correct IP, i.e. 162.210.51.81.
If this is the case, any issue should be with the browser(s). Delete the browser cache, cookies, and any additional security exceptions for NG and the site access ought to return.
However if the machine cannot resolve NG to its correct IP address, the issue might be external, such as you ISP caching DNS records without proper flushing, or an outdated entry in a HOSTS file. The first can be checked by pinging one of our aliases, for example, nikongear.com or nikongear.org since these DNS records likely are older and therefore, already have been flushed. If nikongear.net still is not to be reached, or you end up with Error 404 or similar, the culprit could be a stale HOSTS file. Either edit it, or perhaps even better (unless you have specialised entries therein), just delete the file. Access the NG site in a browser through one of the aliases not used for ping and you should be back into normal operation. (I had this issue on a Win10 box that hadn't been updated for some time).
-
Try using a 'ping' from the command line to see whether the machine resolves nikongear.net to the correct IP, i.e. 162.210.51.81.
If this is the case, any issue should be with the browser(s). Delete the browser cache, cookies, and any additional security exceptions for NG and the site access ought to return.
However if the machine cannot resolve NG to its correct IP address, the issue might be external, such as you ISP caching DNS records without proper flushing, or an outdated entry in a HOSTS file. The first can be checked by pinging one of our aliases, for example, nikongear.com or nikongear.org since these DNS records likely are older and therefore, already have been flushed. If nikongear.net still is not to be reached, or you end up with Error 404 or similar, the culprit could be a stale HOSTS file. Either edit it, or perhaps even better (unless you have specialised entries therein), just delete the file. Access the NG site in a browser through one of the aliases not used for ping and you should be back into normal operation. (I had this issue on a Win10 box that hadn't been updated for some time).
Editing the Hosts file seems to have solved the problem. It was showing the wrong IP address, so I corrected this.
-
I cant logon to the site with Opera when its build-in vpn is enabled, since the server migration.
Possibly the servers that provide for the vpn service need to renew their ip configuration as well.
-
When IP addresses change, it is always prudent to flush any cached DNS information.
Besides, the final update to the site name servers was performed only 6 hours ago. Can you ping nikongear.net and get its current IP?
I have tried NG with 6 different networks today. Four of them had the the correct IP, for the others I just made a local HOSTS file.
-
works now
great work, team
-
HOORAY!!! The annoying orange triangle on the padlock is gone now!
Thank you, administrators (especially Andrea?)!
-
Actually, only Birna.
And a large lump of the subscribers' monetary contributions.
We do need more subscribers :)
-
Actually, only Birna.
And a large lump of the subscribers' monetary contributions.
We do need more subscribers :)
I see. Then a big THANK YOU, Birna! You brought a peace of mind here.
-
We *had* to solve this issue and Andrea is mired down in the aftermath of moving house thousands of miles across the US. I had really no choice in the end. The last two weeks have been spent combining a battle against pneumonia and obstinate computer services :)
-
Thanks a lot Birna, well done!!!
-
Thank you Birna, well done, nice to have Nikongear back online :)
-
I updated the Hosts file, flushed the browser cache and restarted the computer.
Working fine now, thank you.
-
While having a HOSTS file will do no harm as long as the domain entry therein is correct, it might cause trouble if the IP address should change anew. Thus after a few days your ISP should provide the correct IP and then the HOSTS file can be corrected by putting a # in front of the entry.
-
We *had* to solve this issue and Andrea is mired down in the aftermath of moving house thousands of miles across the US. I had really no choice in the end. The last two weeks have been spent combining a battle against pneumonia and obstinate computer services :)
Hope you get better now!
-
While having a HOSTS file will do no harm as long as the domain entry therein is correct, it might cause trouble if the IP address should change anew. Thus after a few days your ISP should provide the correct IP and then the HOSTS file can be corrected by putting a # in front of the entry.
Thanks, will do.
-
Thanks !!
I had to do nothing it just worked, android + windows
-
Also, Birna, die Lungenentzündung hätte nun echt nicht sein müssen
-
I had an incident of pneumonia that lasted more than 3 weeks before I recovered. Lots of antibiotics were administered. I haven't been this wretched for years :(
-
Birna I hope you will be well soon.
I have trouble with Nikongear on my iPad, as it sometimes end on the old IP address.
Problem come and go, right now I reset all my network settings, and I am on, but will it last, others with the same problem?
Even using the new IP address don’t work ???
-
Bent, had similar issue on my iphone and windows laptop, where the site would revert to maintenance mode, as of today no issues yet.
-
Yesterday I was viewing a log-in for administrators and this morning, after a few seconds, the site is up again (with a padlock :-) ). Mac and Safari.
-
It's all a question of cached DNS information. Some networks do renew immediately (in a matter of hours) thus I could access NG on my Android units in Oslo the very first day, but not at home on the home network (different ISPs). Today, the home network also works with the Android units. For the PCs I just set up the correct HOSTS entry if necessary.
Using the IP address directly will not work as the certificate is for the domain nikongear.net only.
-
FYI: The "old" NG site, at IP 162.210.51.81 will go off air in a week's time. The server will be shut down permanently on 31 Dec 2019 at the latest. After that we are forever cloud-based :)
I haven't tested e-mail notification from PM yet. Anyone care to shoot me a test PM?
-
Hm. The internal messaging of NG does work, but notification by email might be stuck. Oh well, I'll look into this later. It's just a minor annoyance.
Thanks anyway, Akira et al. No need to PM me further -- for now.
-
This site will show an indication of how the new IP is propagated world wide:
https://www.whatsmydns.net/#A/nikongear.net
Most countries should be on the "right track, while some areas still cling to the old address. This simply takes time to flush out.
-
I've gone back and forth between being able to access the site and not over the last few days. This is at home PC only, not via phone. Clearing the cache and cookies doesn't seem to help. I guess I'll just have to be patient.
-
Bill: You could put the following line into your HOSTS file
162.241.212.49 nikongear.net
Then, you avoid the vacillating scenario.
The old site is now set in permanent maintenance mode and can no longer be accessed. A notice of the new NG IP address is posted there.
-
Nikongear has been in maintenance mode the greater part of the day the recommended steps for solving the issue were to no avail, thinks the dns service was not up and running yet. ;)
-
It worked on my mobile. For my PC's I had to adapt the host file, and that works now :D Also with the help of the Whats-app group :)
-
for me it is on an off. sometimes the site behaves normally, then is comes and goes into maintenence and back...
-
After a lot of messing, I accessed the new site briefly just after the move, next morning I refreshed the screen and it went back to silly, maintenance mode.
Last night I spent best part of an hour clearing catches, clearing/resetting the DNS etc. All to no avail, this morning I am straight in??? For how long I don't know, I could get on from my iPhone when away from home but not at home. I am beginning to wonder if part of the issue is my 'smart' router, serving up what IT decides, irrespective of what I actually WANT.
Anyway, many thanks to Birna and the team, I'm sure it's a good move in the long term, it's just been a rather bumpy switch.
-
…… I am beginning to wonder if part of the issue is my 'smart' router, serving up what IT decides, irrespective of what I actually WANT.
Anyway, many thanks to Birna and the team, I'm sure it's a good move in the long term, it's just been a rather bumpy switch.
Then my router is "smart" too. Problem with Safari, not with Chrome. Life goes on in Chrome.
God Jul! (Exchange for the seasons greeting in your chosen language!)
/Eric
-
As our old server did not support TLS 1.2 (or higher). the security situation quickly became untenable :( We simply *had* to upgrade the hosting platform.
It's not a secret I found the migration process quite bumpy and fraught with unexpected difficulties myself (exacerbated by concurrent health issues), so glad it finally panned out OK. Well, mostly OK.
There still are major networks out there serving the old IP address. Nothing to do with that except fixing ad-hoc by changing one's local HOSTS file.
-
No DNS-related problems here, either with Firefox on Win 10 or Safari on iOS13.
-
Quite bumpy indeed... I've seen the white screen three times with two time in between where I had to log in again... One hour ago I couldn't access and now it works again directly ???
I did reset all my settings on Safari (since the first time). I'm now hoping that time will help with the new DNS :-)
-
Apparently we have got the e-mail system working again. Shoot me a test PM, anyone?
-
Well, better direct such PMs to me :) Bjørn is no longer a physical entity.
-
I was just informed there has been a "rotten apple" in the DNS configuration that made an old, obsolete DNS record to start propagating, effectively undoing the resolution of the new IP address.
This goes a long way to explain the instability of DNS over the last 2 days.
-
Bill: You could put the following line into your HOSTS file
162.241.212.49 nikongear.net
Then, you avoid the vacillating scenario.
The old site is now set in permanent maintenance mode and can no longer be accessed. A notice of the new NG IP address is posted there.
Thanks, Birna. I tried modding the hosts file and it didn't work, but in retrospect I may have saved the file in the wrong format. As of now I'm getting into the site just fine. Presumably the "rotten apple" has been dealt with so I'm feeling more confident I can get into the site in the future. However, attempting to go to the new IP address directly, yesterday and the day before, was not working and was causing an error message. I wonder if that was also due to the rotten apple in the DNS system.
-
Thanks, Birna. I tried modding the hosts file and it didn't work, but in retrospect I may have saved the file in the wrong format. As of now I'm getting into the site just fine. Presumably the "rotten apple" has been dealt with so I'm feeling more confident I can get into the site in the future. However, attempting to go to the new IP address directly, yesterday and the day before, was not working and was causing an error message. I wonder if that was also due to the rotten apple in the DNS system.
If you edit the hosts file (for example with Notepad), when it tries to save it, it finds out that the original file is protected and it tries to save the modified file as a hosts.txt file in the Documents folder. The original file is unchanged. So you should proceed as follows:
- Navigate to the Documents folder (or wherever the hosts.txt file has been saved to)
- Rename the hosts.txt to hosts.
- Copy the modified hosts. to folder c:\windows\system32\drivers\etc
- The system will prompt you for the overwrite of the original protected file with administrator privileges. Accept by clicking OK
- Done
You can verify that the mapping of nikongear.net has been correctly applied by launching a command prompt, and then typing
PING nikongear.net
If system response is something like
Pinging nikongear.net [162.241.212.49] with 32 bytes of data:
Reply from 162.241.212.49: bytes=32 time=143ms TTL=47
THEN EVERYTHING IS OK (you have the correct mapping)
If the IP response is with the old one, then something has gone wrong, and you still have the wrong mapping. Check carefully the indicated steps.
Ciao from Massimo
-
Thank you, Massimo!
-
Unlike the scenario on the old server, where one could access NG directly through the IP, this is no longer possible. You *have to* use the domain name: nikongear.net.
-
Thanks again, Birna. No problems at all since I got in successfully yesterday.
-
The DNS instability issue now apparently is a memory of the past ... You might wish to comment out, or delete the NG entry in your HOSTS file (for those members making that temporary solution).
I'm starting to get PM notifications as well, which indicates the site email finally is operational again - for now, at least.
We had a huge backlog of stuck emails, but the queue seems to be drained at present. A good sign.
There might still be issues with notifications sent to members having a gmail account, though. Next quirk to iron out presumably.
-
We had a huge backlog of stuck emails, but the queue seems to be drained at present. A good sign.
I just noticed I had received storm of notifications from NG.
-
I just noticed I had received storm of notifications from NG.
No wonder -- when we finally got the email system working again, many hundreds of emails were just waiting to be sent. The queue emptied in seconds.
-
All this makes me wonder what's happening with our sister site ultravioletphotography.com. I keep getting a notice that the site is suspended, in each of two browsers I have. Clearing the browsing cache and cookies doesn't help. https://www.isitdownrightnow.com/ says it's down but https://www.isitdownrightnow.com/ says it's up. Does the site have a new IP address?
-
All this makes me wonder what's happening with our sister site ultravioletphotography.com. I keep getting a notice that the site is suspended, in each of two browsers I have. Clearing the browsing cache and cookies doesn't help. https://www.isitdownrightnow.com/ says it's down but https://www.isitdownrightnow.com/ says it's up. Does the site have a new IP address?
No, UVP is on the same IP. However, there are signs that the UVP site has been compromised thus the hosting providers have suspended it for now. Andrea is working on a solution in conjunction with Support.
The signs of relentless hammering to break into our NG site are a depressing read. I've gone through lots of error logs these last weeks and there have been thousands of hacking attempts every day. A very big country in the Far East is the origin point for these attempts. A sad sign of Modern Times.
-
No, UVP is on the same IP. However, there are signs that the UVP site has been compromised thus the hosting providers have suspended it for now. Andrea is working on a solution in conjunction with Support.
The signs of relentless hammering to break into our NG site are a depressing read. I've gone through lots of error logs these last weeks and there have been thousands of hacking attempts every day. A very big country in the Far East is the origin point for these attempts. A sad sign of Modern Times.
Birna, thank you to you and Andrea for all the work you both do to keep these two sites running.
-
The signs of relentless hammering to break into our NG site are a depressing read. I've gone through lots of error logs these last weeks and there have been thousands of hacking attempts every day. A very big country in the Far East is the origin point for these attempts. A sad sign of Modern Times.
Scary.
-
The email delivery system still has a few quirks. Most of which concern gmail addresses, which continue to be blocked. We hope this issue can be solved in the near future.
Thus, if you are no longer receiving notifications from NG, the above can be the explanation.