2019-09-20 - hschneider, Admin
Cookie Disclaimer: This forum uses only essential, anonymous session cookies (xmailforum*), nothing to be scared of.
Printable Version of Topic
Click here to view this topic in its original format |
XMail Forum > Announcements > Xmail Forum In SSL Mode |
Posted by: atomant May 20 2005, 05:12 PM |
Hi! I have setup Xmail Forum to run in SSL mode only with self-signed certificate. This is a small step to secure forum from possible attacks or password steel. |
Posted by: nvandijk May 20 2005, 11:55 PM |
Hi, Is it realy needed to run in SSL mode ? Don't know about other people but I get on every forum post I click on a warning. Realy not do-able to keep clicking the Yes button on every item. Warning message is: This page contains both secure and nonsecure items. Do you want to display the nonsecure items. I think it is the site meter at the upper right corner that I keep getting these warnings about. but those are verry anoying.. |
Posted by: pierre-oord May 21 2005, 10:50 AM | ||
Indeed they are, I can't find any option in IE to disable the warning message. I think it's indeed the visitor-counter. Maybe run something like webalizer for the stats? |
Posted by: atomant May 21 2005, 02:40 PM |
Yes, it is a counter. I use Mozilla so I can disable these kind of warnings. |
Posted by: dario May 21 2005, 09:23 PM |
To disable this in IE:
|
Posted by: hschneider May 22 2005, 12:10 AM |
I think we should offer both SSL and none-SSL. There are still alot of IE users out there. Experience shows that users don't adapt their browsers, they just keep away from a site wich produces permanent popups ... |
Posted by: atomant May 22 2005, 08:41 AM |
Well this is not possible due to the settings in the forum so you can use non SSL or SSL but not both so I choose SSL. For other users who still use IE - maybe it is a time to test drive Mozilla Firefox. |
Posted by: jobber_jobber May 22 2005, 11:24 AM |
The warning in IE is there fore a very good reason, and shouldn't just be disabled because one of your favourite websites begins to irritate during use. I do use Firefox, at home, but in the office, I can't just install anything on the PC and am forced to use IE. Some consideration is needed to make a site useable and appealing, and as hschneider says, people will move away because of the irritation. I am minded to question what value the sitemeter has, once a forum becomes popular, we all know it gets lots of visitors. Either that or perhaps you could implement your own counter, from the same SSL secured site? Regards, Jobber |
Posted by: hschneider May 22 2005, 01:26 PM |
The counter can be neglected - we should delete it. It's more important to get new users. If we make the forum uncomfortable we will loose users and get less new ones. I would also kick a forum that wants me to install a new browser ... Security is surely a good thing, but it should not play a bigger role than comfort in a forum's context. It's up to the users to use other passwords than they have for their banking account. So with a hacked password no more damage than posting crap can be done .... |
Posted by: atomant May 22 2005, 02:45 PM |
Then BYE,BYE counter You have just been erased |
Posted by: hschneider May 22 2005, 04:07 PM |
Thanks master ! |
Posted by: jobber_jobber May 22 2005, 06:20 PM |
Sasa - thank you - much better I'm still getting the warning message box though, and I think it might have something to do with this image - http://xmail.marketmix.com/shared/xhead.gif Harald - there is no easy way of putting this, but it seems it's the icon you have in all your postings Is there a way that these personal icons can be sourced from the same SSL secured site? Kind regards, Jobber |
Posted by: hschneider May 22 2005, 06:42 PM |
Oops ... done! |
Posted by: jobber_jobber May 22 2005, 07:09 PM |
Excellent - thanks Harald - this thread is now working like a dream again, not checked others yet! |
Posted by: hschneider May 29 2005, 08:20 AM |
To all users who host their own avatar images: Please edit your profile and upload them to the forum server ! |
Posted by: romee Jun 3 2005, 09:33 AM |
Hi! I appreciate the SSL for forum, but: Is it necessary to use nonstandard port? In work, I've no problem with 20443, but at campus I have permission to access only standards port - so 20443 is blocked for me. I'm just curious, this si not so important to me, but maybe some other users would have similar problem. |
Posted by: atomant Jun 3 2005, 07:10 PM |
This is because I have several domain names on one IP and several SSL web pages which use different certificate. If I would use only the standard port then I can't use different certificate for different websites. For more info check on apache website. |
Posted by: pierre-oord Jun 7 2005, 04:08 PM | ||
2 Things I can help fixing: 1) Why not both SSL and non-ssl? If you just use apache, there is no need to change forum settings I think, or are all http and https addresses hardcoded in the forum? 2) If not used as download mirrow, I can offer you free hosting on a 100mbit line, servers specs: Athlon 64 3200+, 1GB RAM, Mirroring SATA RAID1, located in Rotterdam, The Netherlands, Datacenter We-Dare. I've got an /25 range of IP's, this forum can have a dedicated IP for SSL. If you are interrested, please send me an email. |
Posted by: atomant Jun 7 2005, 05:13 PM |
1.) Yes, all the http and https links are hardcoded 2.) I have sent you an email |