RadioReference on Facebook   RadioReference on Twitter   RadioReference Blog
 

Go Back   The RadioReference.com Forums > Site Administration Forums > System-wide Administration

System-wide Administration - Support for issues related to subscriptions, server connectivity and commentary, and layout usability. Area specific content should be posted to its applicable forum below.

Reply
 
LinkBack Thread Tools Search this Thread Display Modes
  #1 (permalink)  
Old 03-09-2017, 7:29 AM
me1900's Avatar
Member
  Premium Subscriber
Premium Subscriber
 
Join Date: Jan 2017
Location: Midtown, Oklahoma City, OK
Posts: 69
Exclamation Firefox Complains RR Not Secure

This really worries me because I am a premium subscriber and wish to keep it that way. Firefox complains this RR does not provide encryption.Once evil hackers get wind of this they'll try to steal premium subscriptions. I will not debate firefox.

First image is forums second image is main site.
Attached Images
  
Reply With Quote
Sponsored links
†††††††† ††††††††
  #2 (permalink)  
Old 03-09-2017, 7:58 AM
blantonl's Avatar
Founder and CEO
  RadioReference Database Admininstrator
Database Admin
Audio Feed Provider
Audio Feed Provider
 
Join Date: Dec 2000
Location: San Antonio, TX
Posts: 8,781
Default

Go to https://www.radioreference.com or https://forums.radioreference.com
__________________
Lindsay C. Blanton III
CEO - RadioReference.com / Broadcastify
Facebook: RadioReference | Broadcastify | Twitter: @RadioReference
Reply With Quote
  #3 (permalink)  
Old 03-09-2017, 10:59 AM
me1900's Avatar
Member
  Premium Subscriber
Premium Subscriber
 
Join Date: Jan 2017
Location: Midtown, Oklahoma City, OK
Posts: 69
Thumbs up Grateful!

Quote:
Originally Posted by blantonl View Post
Updated my bookmarks with https secure links. Now Firefox is happy so am I. Thanks Blantoni!
Reply With Quote
  #4 (permalink)  
Old 03-09-2017, 1:27 PM
MikeOxlong's Avatar
Forums Manager/Global DB Admin
  RadioReference Database Admininstrator
Database Admin
 
Join Date: Jun 2001
Location: Central Ontario
Posts: 9,284
Default

Yes, The Great Blantoni!
__________________
Mike.

Sorry but I don't accept PM's. Please use email instead.
Reply With Quote
  #5 (permalink)  
Old 03-09-2017, 3:37 PM
mciupa's Avatar
Forums Moderator
  RadioReference Database Admininstrator
Database Admin
 
Join Date: Nov 2002
Posts: 5,976
Default

Quote:
Originally Posted by MikeOxlong View Post
Yes, The Great Blantoni!


(I'm sorry, Lindsay. I hope I am laughing with you.)
Reply With Quote
Sponsored links
  #6 (permalink)  
Old 03-09-2017, 4:06 PM
16b's Avatar
16b 16b is offline
Member
  Premium Subscriber
Premium Subscriber
 
Join Date: Feb 2004
Location: Central Ohio
Posts: 468
Default

if you are concerned about the hackers, it might be time to consider something other than windows xp
Reply With Quote
  #7 (permalink)  
Old 03-09-2017, 8:41 PM
dave3825's Avatar
Member
  Premium Subscriber
Premium Subscriber
 
Join Date: Feb 2003
Location: United States
Posts: 1,732
Default

I am running Chrome. Chrome reports the following while on https://www.radioreference.com/ and pretty much the same but with more images loaded over http while on https://forums.radioreference.com/

Says the page is not secure but also says I have an encrypted connection to the site.
Is this anything to be concerned about? Just curious.



- - - - - - - - -


This page is not secure.

Valid Certificate
The connection to this site is using a valid, trusted server certificate.

Secure Connection
The connection to this site is encrypted and authenticated using a strong protocol (TLS 1.2), a strong key exchange (ECDHE_RSA with P-256), and a strong cipher (AES_128_GCM).

Mixed Content
The site includes HTTP resources.
Reload the page to record requests for HTTP resources.


(index):234 Mixed Content: The page at 'https://www.radioreference.com/' was loaded over HTTPS, but requested an insecure image 'http://s.radioreference.com/i/icons/speaker_s.gif'. This content should also be served over HTTPS.

(index):237 Mixed Content: The page at 'https://www.radioreference.com/' was loaded over HTTPS, but requested an insecure image 'http://s.radioreference.com/i/icons/tags_avail.gif'. This content should also be served over HTTPS.

(index):255 Mixed Content: The page at 'https://www.radioreference.com/' was loaded over HTTPS, but requested an insecure image 'http://s.radioreference.com/i/icons/Document_Tree.gif'. This content should also be served over HTTPS.

(index):261 Mixed Content: The page at 'https://www.radioreference.com/' was loaded over HTTPS, but requested an insecure image 'http://s.radioreference.com/i/icons/speaker_s.gif'. This content should also be served over HTTPS.

(index):264 Mixed Content: The page at 'https://www.radioreference.com/' was loaded over HTTPS, but requested an insecure image 'http://s.radioreference.com/i/icons/tags_avail.gif'. This content should also be served over HTTPS.

(index):282 Mixed Content: The page at 'https://www.radioreference.com/' was loaded over HTTPS, but requested an insecure image 'http://s.radioreference.com/i/icons/Document_Tree.gif'. This content should also be served over HTTPS.

(index):288 Mixed Content: The page at 'https://www.radioreference.com/' was loaded over HTTPS, but requested an insecure image 'http://s.radioreference.com/i/icons/speaker_s.gif'. This content should also be served over HTTPS.

(index):309 Mixed Content: The page at 'https://www.radioreference.com/' was loaded over HTTPS, but requested an insecure image 'http://s.radioreference.com/i/icons/Document_Tree.gif'. This content should also be served over HTTPS.

(index):315 Mixed Content: The page at 'https://www.radioreference.com/' was loaded over HTTPS, but requested an insecure image 'http://s.radioreference.com/i/icons/speaker_s.gif'. This content should also be served over HTTPS.

(index):334 Mixed Content: The page at 'https://www.radioreference.com/' was loaded over HTTPS, but requested an insecure image 'http://s.radioreference.com/i/icons/Document_Tree.gif'. This content should also be served over HTTPS.

(index):340 Mixed Content: The page at 'https://www.radioreference.com/' was loaded over HTTPS, but requested an insecure image 'http://s.radioreference.com/i/icons/speaker_s.gif'. This content should also be served over HTTPS.

(index):359 Mixed Content: The page at 'https://www.radioreference.com/' was loaded over HTTPS, but requested an insecure image 'http://s.radioreference.com/i/icons/Document_Tree.gif'. This content should also be served over HTTPS.

quant.js Failed to load resource: net::ERR_NAME_NOT_RESOLVED
ga.js Failed to load resource: net::ERR_NAME_NOT_RESOLVED
__________________
DMR436HP Br330T Pro 93 Pro 95
Arc330Pro ProScan Freescan BCDX36HP Easy Manual Id Tracker
Reply With Quote
  #8 (permalink)  
Old 03-10-2017, 7:27 AM
blantonl's Avatar
Founder and CEO
  RadioReference Database Admininstrator
Database Admin
Audio Feed Provider
Audio Feed Provider
 
Join Date: Dec 2000
Location: San Antonio, TX
Posts: 8,781
Default

It's not a problem - just some supporting images and icons are loaded over non-secure http while the rest of the page is secure. At some point I'll get that fixed.
__________________
Lindsay C. Blanton III
CEO - RadioReference.com / Broadcastify
Facebook: RadioReference | Broadcastify | Twitter: @RadioReference
Reply With Quote
  #9 (permalink)  
Old 03-10-2017, 9:58 AM
dave3825's Avatar
Member
  Premium Subscriber
Premium Subscriber
 
Join Date: Feb 2003
Location: United States
Posts: 1,732
Default

Never hurts to ask. Thank you sir...
__________________
DMR436HP Br330T Pro 93 Pro 95
Arc330Pro ProScan Freescan BCDX36HP Easy Manual Id Tracker
Reply With Quote
Sponsored links
  #10 (permalink)  
Old 03-11-2017, 8:10 AM
blantonl's Avatar
Founder and CEO
  RadioReference Database Admininstrator
Database Admin
Audio Feed Provider
Audio Feed Provider
 
Join Date: Dec 2000
Location: San Antonio, TX
Posts: 8,781
Default

Ask, and you shall receive. �� I rolled out some updates yesterday to fix this issue.
__________________
Lindsay C. Blanton III
CEO - RadioReference.com / Broadcastify
Facebook: RadioReference | Broadcastify | Twitter: @RadioReference
Reply With Quote
  #11 (permalink)  
Old 03-11-2017, 9:53 AM
Member
  Premium Subscriber
Premium Subscriber
Amateur Radio Operator
Amateur Radio
 
Join Date: Sep 2015
Location: Chesapeake Beach, Maryland
Posts: 129
Lightbulb

Quote:
Originally Posted by blantonl View Post
Any chance you can support redirects to force all traffic to https? That is the recommended way of rolling out TLS now days.
Reply With Quote
  #12 (permalink)  
Old 03-11-2017, 9:56 AM
Member
  Premium Subscriber
Premium Subscriber
Amateur Radio Operator
Amateur Radio
 
Join Date: Sep 2015
Location: Chesapeake Beach, Maryland
Posts: 129
Default

Also, you should take a look at the output of SSLLabs...

https://www.ssllabs.com/ssltest/anal...oreference.com
Reply With Quote
  #13 (permalink)  
Old 03-12-2017, 9:15 AM
blantonl's Avatar
Founder and CEO
  RadioReference Database Admininstrator
Database Admin
Audio Feed Provider
Audio Feed Provider
 
Join Date: Dec 2000
Location: San Antonio, TX
Posts: 8,781
Default

Quote:
Originally Posted by WG3K View Post
Any chance you can support redirects to force all traffic to https? That is the recommended way of rolling out TLS now days.
Yes, it is an easy header change to rollout, but we're not yet prepared to do it just yet.

We have some infrastructure updates coming over the next few months where this will be part of the rollout.
__________________
Lindsay C. Blanton III
CEO - RadioReference.com / Broadcastify
Facebook: RadioReference | Broadcastify | Twitter: @RadioReference
Reply With Quote
  #14 (permalink)  
Old 03-12-2017, 9:16 AM
blantonl's Avatar
Founder and CEO
  RadioReference Database Admininstrator
Database Admin
Audio Feed Provider
Audio Feed Provider
 
Join Date: Dec 2000
Location: San Antonio, TX
Posts: 8,781
Default

Quote:
Originally Posted by WG3K View Post
Also, you should take a look at the output of SSLLabs...

https://www.ssllabs.com/ssltest/anal...oreference.com
Good catch, OpenSSL library updates completed.
__________________
Lindsay C. Blanton III
CEO - RadioReference.com / Broadcastify
Facebook: RadioReference | Broadcastify | Twitter: @RadioReference
Reply With Quote
  #15 (permalink)  
Old 03-12-2017, 12:15 PM
iMONITOR's Avatar
Member
   
Join Date: Jan 2010
Location: MACOMB, MI.
Posts: 948
Default

I'm still getting the warning that the FORUM log-in is insecure.
Reply With Quote
Sponsored links
  #16 (permalink)  
Old 03-12-2017, 12:16 PM
iMONITOR's Avatar
Member
   
Join Date: Jan 2010
Location: MACOMB, MI.
Posts: 948
Default

Insecure password warning in Firefox


This is a new feature that is available starting in Firefox version 51
.

Firefox will display a grey lock icon with a red strike-through in the address bar, when a login page youíre viewing does not have a secure connection. This is to inform you that if you enter your password it could be stolen by eavesdroppers and attackers.

Starting in Firefox version 52, you will also see a warning message when you click inside the login box to enter a username or password.


What can I do if a login page is insecure?

If a login page for your favorite site is insecure, you can try and see if a secure version of the page exists by typing https:// before the url in the location bar. You can also try to contact the web administrator for the site and ask them to secure their connection.
Not recommended: You can also continue to log in to the website even if the connection is insecure, but do so at your own risk. If you do go this route, try to use a unique password or a password that you donít also use for other important sites.
About insecure pages

Pages that need to transmit private information, such as credit cards, personal information and passwords, need to have a secure connection to help prevent attackers from stealing your information. (Tip: A secure connection will have "HTTPS" in the address bar, along with a green lock icon.)

Pages that donít transmit any private information can have an unencrypted connection (HTTP). It is not advised to enter private information, such as passwords, on a web page that shows HTTP in the address bar. The information you enter can be stolen over this insecure connection.
Note for developers

For developers looking to learn more about this warning, please see this page. The page explains when and why Firefox shows this warning, and will also provide some details on how to fix the issue. For more information, see this blog post and this Site Compatibility document.

NOTE: This is not a fault of FireFox, it is a valuable feature. If you're not using FireFox, you are still exposed to the risk. You're just not being warned.

I'm not only concerned about my login password, but the contents of my PM's as well. It appears they are also not encrypted, and in the clear, possibly exposed to hackers.
Reply With Quote
  #17 (permalink)  
Old 03-13-2017, 9:40 AM
blantonl's Avatar
Founder and CEO
  RadioReference Database Admininstrator
Database Admin
Audio Feed Provider
Audio Feed Provider
 
Join Date: Dec 2000
Location: San Antonio, TX
Posts: 8,781
Default

Quote:
Originally Posted by iMONITOR View Post
I'm still getting the warning that the FORUM log-in is insecure.
https://forums.radioreference.com
__________________
Lindsay C. Blanton III
CEO - RadioReference.com / Broadcastify
Facebook: RadioReference | Broadcastify | Twitter: @RadioReference
Reply With Quote
  #18 (permalink)  
Old 03-13-2017, 9:46 AM
iMONITOR's Avatar
Member
   
Join Date: Jan 2010
Location: MACOMB, MI.
Posts: 948
Thumbs up

Excellent! Thanks Lindsay.
Reply With Quote
  #19 (permalink)  
Old 03-14-2017, 9:19 AM
N2SCV's Avatar
Member
  Premium Subscriber
Premium Subscriber
Amateur Radio Operator
Amateur Radio
 
Join Date: Mar 2009
Location: Above ground
Posts: 329
Default

Been using this for a while: https://www.eff.org/https-everywhere
Reply With Quote
  #20 (permalink)  
Old 03-14-2017, 11:35 AM
iMONITOR's Avatar
Member
   
Join Date: Jan 2010
Location: MACOMB, MI.
Posts: 948
Default

Quote:
Originally Posted by N2SCV View Post
Been using this for a while: https://www.eff.org/https-everywhere

Interesting, thanks for posting!

Funny thing Firefox would not allow installing it from the link you provided. I had to go to FireFox's add-ons option, and install it directly from Mozilla.
Reply With Quote
Reply

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On



All times are GMT -5. The time now is 3:26 PM.


Powered by vBulletin® Version 3.8.2
Copyright ©2000 - 2017, vBulletin Solutions, Inc.
All information here is Copyright 2012 by RadioReference.com LLC and Lindsay C. Blanton III.Ad Management by RedTyger
Copyright 2015 by RadioReference.com LLC Privacy Policy  |  Terms and Conditions