Jump to content
Head Coach Openings 2025 ×

  • Current Donation Goals

    • 2024-25 - Budget
      Raised $2,126.33 of $4,000 target

Website NOT secure?

LuersLurker
 Share

Recommended Posts

Gipper Experienced

Gipper

Posted
Posted
20 minutes ago, LuersLurker said:

I just started getting notifications that the gridiron website is not secure.  I have never seen that before.  What is the problem?

I received that message also.  I blame DT.

  • Like 1
  • Haha 2
JustRules Rising Star

JustRules

Posted
Posted

When a site has https:// for the domain they have added a security certificate to the site. I'm guessing either this site doesn't have one or the one they had has expired. It doesn't mean that suddenly anyone can get access to your login information. But without the current certificate it could be more at risk. Think of it like leaving your car unlocked in your driveway in the country. Yes, someone could break into it easily if they knew it was there, but it's also not likely. Someone with a lot more IT security knowledge can explain it better than me.

DK_Barons Collaborator

DK_Barons

Posted
Posted

There is no risk...

 

In the mean time ignore the warning and enjoy as usual.

 

The security certificate expired on 9/2/2020. I renewed it over 2 months ago. I have to figure out what Godaddy has done to screw this up, but it's only on the surface. As I already stated there is NOT any risk involved while you visit right now.

 

DK

  • Like 4
NLCTigerFan07 Experienced

NLCTigerFan07

Posted
Posted
On 9/2/2020 at 11:29 AM, DK_Barons said:

There is no risk...

 

In the mean time ignore the warning and enjoy as usual.

 

The security certificate expired on 9/2/2020. I renewed it over 2 months ago. I have to figure out what Godaddy has done to screw this up, but it's only on the surface. As I already stated there is NOT any risk involved while you visit right now.

 

DK

Thanks for verifying. It was strange to see and unfortunately I can’t get to the site currently while I am on my work computer (shhhhh don’t tell my boss) but glad to know it’s something that can be fixed in the future. Will just have to use my phone for now 

hhpatriot04 Experienced

hhpatriot04

Posted
Posted
7 hours ago, NLCTigerFan07 said:

Thanks for verifying. It was strange to see and unfortunately I can’t get to the site currently while I am on my work computer (shhhhh don’t tell my boss) but glad to know it’s something that can be fixed in the future. Will just have to use my phone for now 

Try a different browser if that's an option and double check there's not an Advanced Settings text link below that chunk of warning text.

PHJIrish Veteran

PHJIrish

Posted
Posted

It's good to be back!  I was not allowed to enter into this bliss until this morning.  I was hoping it wasn't my fault😄

No TGD and unable to attend the games because of the limits makes me a grumpy old guy, well a grumpier old guy.

  • Like 1
psaboy Mentor

psaboy

Posted
Posted

I had seen this before, but think this is first time I got message for around 2 days, I was getting worried. Good point by Whiting 89, need to send in some green backs !!

  • Like 1
Guest DT

Guest DT

Posted
Posted
On 9/2/2020 at 11:29 AM, DK_Barons said:

There is no risk...

 

In the mean time ignore the warning and enjoy as usual.

 

The security certificate expired on 9/2/2020. I renewed it over 2 months ago. I have to figure out what Godaddy has done to screw this up, but it's only on the surface. As I already stated there is NOT any risk involved while you visit right now.

 

DK

I couldn't disagree more.   When I received the "Not secure" warning I immediately shut down the GID and have not been on for 4 days.  

psaboy Mentor

psaboy

Posted
Posted
6 minutes ago, Donnie Baker said:

Did this upgrade affect the mobile app? Mine changed overnight. Swear to God!

The web site looks different too. Not that it matters to me, i like it actually.

DK_Barons Collaborator

DK_Barons

Posted
Posted
8 hours ago, DT said:

I couldn't disagree more.   When I received the "Not secure" warning I immediately shut down the GID and have not been on for 4 days.  

...but you were wrong.  

 

  • Like 1
hhpatriot04 Experienced

hhpatriot04

Posted
Posted
14 hours ago, Donnie Baker said:

I don’t mind the look but it’s difficult to find the settings etc.

This is typical of every time we upgrade the forum software. The community adjusts. I have to use Facebook at work and am not a fan of the new design... lots of things are hidden which used to be easily accessible. 

To the people doubting the security: DK and 77Jimmie each have 25+ years in the tech industry (hardware and software). I know times the forum has been under DoS attacks (no threat to the user, just makes loading the site impossible) and spam bots registering accounts from third-world countries. This isn't their first rodeo.

TGD, thanks to a lot of people but most of all the late Coach Tim Adams, has survived because of the community. Did the updates thread get shorter? Yes, but we have the largest IN HS football Twitter account to make up for it. Whenever the server goes down we have Facebook to let users know when the forum will be back. Just like a good football program, you adapt with the times -- even if that means Bill Belichik explaining much of the "new" offenses in the NFL are just variations of the Wing-T series. So after 22 years, TGD remains and will endure and adapt.

  • Like 4
Guest DT

Guest DT

Posted
Posted
8 hours ago, DK_Barons said:

...but you were wrong.  

 

Doesnt matter.  Its not worth the risk.

What was the issue?  Did you not reinstate your security certificate or was it something else?

Muda69 Grand Master

Muda69

Posted
Posted

The default font with this new version of the forum software has a lot to be desired.  At least with how it renders on Firefox.

 

6 hours ago, hhpatriot04 said:

To the people doubting the security: DK and 77Jimmie each have 25+ years in the tech industry (hardware and software). I know times the forum has been under DoS attacks (no threat to the user, just makes loading the site impossible) and spam bots registering accounts from third-world countries. This isn't their first rodeo.

 

So it's OK for GID user passwords to possibly be sent over the network unencrypted as may be the case when you have SSL certificate issues?

 

snrmike Contributor

snrmike

Posted
Posted
On 9/2/2020 at 7:45 AM, JustRules said:

When a site has https:// for the domain they have added a security certificate to the site. I'm guessing either this site doesn't have one or the one they had has expired. It doesn't mean that suddenly anyone can get access to your login information. But without the current certificate it could be more at risk. Think of it like leaving your car unlocked in your driveway in the country. Yes, someone could break into it easily if they knew it was there, but it's also not likely. Someone with a lot more IT security knowledge can explain it better than me.

You gave a fairly decent explanation sir.  Spot on!

 

snrmike Contributor

snrmike

Posted
Posted
On 9/2/2020 at 10:29 AM, DK_Barons said:

There is no risk...

 

In the mean time ignore the warning and enjoy as usual.

 

The security certificate expired on 9/2/2020. I renewed it over 2 months ago. I have to figure out what Godaddy has done to screw this up, but it's only on the surface. As I already stated there is NOT any risk involved while you visit right now.

 

DK

Just do like I did...
Move over to Network Solutions.  They're cheaper, more reliable and they practically invented the "interwebs". 🙂

 

DK_Barons Collaborator

DK_Barons

Posted
Posted
On 9/7/2020 at 9:35 AM, DT said:

Doesnt matter.  Its not worth the risk.

What was the issue?  Did you not reinstate your security certificate or was it something else?

Apache wasn't loading the new certificate due to a couple SELinux permission/configuration issue.  It took me a couple days to make time to take a good look at it.

DK_Barons Collaborator

DK_Barons

Posted
Posted
9 hours ago, snrmike said:

Just do like I did...
Move over to Network Solutions.  They're cheaper, more reliable and they practically invented the "interwebs". 🙂

 

It wasn't the certificate in this case...

It was me not setting up the permissions correctly. The user running Apache didn't not have read access to the new certs. A couple command line entries to tell SELinux it was alright for Apache to read those and we were rolling again.

 

 

  • Haha 1

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...