Enabling SSL breaks the page menu

User Tag List

Results 1 to 11 of 11
  1. #1
    blamani's Avatar Active Member
    Reputation
    19
    Join Date
    Jul 2008
    Posts
    80
    Thanks G/R
    1/2
    Trade Feedback
    0 (0%)
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Enabling SSL breaks the page

    With the new firefox that blocks active mixed-content the WYSISYG Editor for posts breaks when you enable ssl for this page.

    I had the following warnings:

    Code:
    [
    "http://www.ownedcore.com/forums/mobiquo/smartbanner/appbanner.css" was blocked. @ https://www.ownedcore.com/forums/newthread.php?do=newthread&f=166
    "http://www.ownedcore.com/forums/mobiquo/smartbanner/appbanner.js" was blocked. @ https://www.ownedcore.com/forums/newthread.php?do=newthread&f=166
    "http://www.adpeepshosted.com/adpeeps.php?bf=showad&uid=101861&bmode=off&gpos=center&bzone=default&bsize=728x90&btype=3&bpos=default&btotal=1&btarget=_blank&bborder=0" was blocked. @ https://www.ownedcore.com/forums/newthread.php?do=newthread&f=166
    "http://www.ownedcore.com/forums/clientscript/vbulletin_facebook.js?v=420" was blocked. @ https://www.ownedcore.com/forums/newthread.php?do=newthread&f=166
    "http://www.ownedcore.com/forums/clientscript/ckeditor_config.js?v=420&t=B8DJ5M3" was blocked. @ https://www.ownedcore.com/forums/clientscript/ckeditor/ckeditor.js?t=A7HG4HT&v=420:16
    You should update SSL , because the current version doesn't seem to mitigate the BEAST attack.
    Finally, since RC4 is declared broken officially, you might want to disable it and allow TLS1.2 with some more secure Methods, including Forward Secrecy

    Enabling SSL breaks the page
  2. #2
    Ket's Avatar Legendary
    CoreCoins Purchaser Authenticator enabled
    Reputation
    861
    Join Date
    Feb 2008
    Posts
    3,337
    Thanks G/R
    600/313
    Trade Feedback
    29 (93%)
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    It should be fixed now.

  3. #3
    blamani's Avatar Active Member
    Reputation
    19
    Join Date
    Jul 2008
    Posts
    80
    Thanks G/R
    1/2
    Trade Feedback
    0 (0%)
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    looks better now indeed, but there are still 2 warnings:

    http://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js" @ new...eaks-page.html
    http://www.adpeepshosted.com/adpeeps.php?bf=showad&uid=101861&bmode=off&gpos=center&bzone=default&bsize=728x9 0&btype=3&bpos=default&btotal=1&btarget=_blank&bborder=0" @ https://www.ownedcore.com/forums/new...eaks-page.html
    both websites answer ssl-requests without cert-problems

  4. #4
    Ket's Avatar Legendary
    CoreCoins Purchaser Authenticator enabled
    Reputation
    861
    Join Date
    Feb 2008
    Posts
    3,337
    Thanks G/R
    600/313
    Trade Feedback
    29 (93%)
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    That should be fixed now as well.

    Thanks!

  5. #5
    blamani's Avatar Active Member
    Reputation
    19
    Join Date
    Jul 2008
    Posts
    80
    Thanks G/R
    1/2
    Trade Feedback
    0 (0%)
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    How about the following things:

    SSl2 is enabled (nobody should use that any more)

    there are algorithms enabled that shouldnt:
    TLS_ECDH_anon_WITH_AES_128_CBC_SHA (0xc01 INSECURE
    TLS_ECDH_anon_WITH_RC4_128_SHA (0xc016) INSECURE
    TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA (0xc017) INSECURE
    TLS_ECDH_anon_WITH_AES_256_CBC_SHA (0xc019) INSECURE

    According to Bruce Schneier and a few others, RC4 should also be disabled.
    Last:
    BEAST attack Not mitigated server-side (more info) SSL 3: 0x7, TLS 1.0: 0x7 , depending on the operating system and webserver you might want to do an update there as well.

  6. #6
    blamani's Avatar Active Member
    Reputation
    19
    Join Date
    Jul 2008
    Posts
    80
    Thanks G/R
    1/2
    Trade Feedback
    0 (0%)
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    I would also like to see TLS enabled for Tapatalk

  7. #7
    blamani's Avatar Active Member
    Reputation
    19
    Join Date
    Jul 2008
    Posts
    80
    Thanks G/R
    1/2
    Trade Feedback
    0 (0%)
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    The certificate on this page is no longer valid

  8. #8
    Cnypher's Avatar Private
    Reputation
    1
    Join Date
    Dec 2013
    Posts
    11
    Thanks G/R
    0/0
    Trade Feedback
    0 (0%)
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Originally Posted by blamani View Post
    The certificate on this page is no longer valid
    same here

  9. #9
    Ket's Avatar Legendary
    CoreCoins Purchaser Authenticator enabled
    Reputation
    861
    Join Date
    Feb 2008
    Posts
    3,337
    Thanks G/R
    600/313
    Trade Feedback
    29 (93%)
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Should be all fixed now. Please let me know if any issues.

    Thanks!

  10. #10
    blamani's Avatar Active Member
    Reputation
    19
    Join Date
    Jul 2008
    Posts
    80
    Thanks G/R
    1/2
    Trade Feedback
    0 (0%)
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Is there a reason why Ownedcore no longer supports TLS?

  11. Thanks Ket (1 members gave Thanks to blamani for this useful post)
  12. #11
    Ket's Avatar Legendary
    CoreCoins Purchaser Authenticator enabled
    Reputation
    861
    Join Date
    Feb 2008
    Posts
    3,337
    Thanks G/R
    600/313
    Trade Feedback
    29 (93%)
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Originally Posted by blamani View Post
    Is there a reason why Ownedcore no longer supports TLS?
    Actually we are moving towards that very soon.

  13. Thanks Jaladhjin (1 members gave Thanks to Ket for this useful post)

Similar Threads

  1. How do you enable LUA in the core?
    By roguesownu in forum World of Warcraft Emulator Servers
    Replies: 7
    Last Post: 04-12-2008, 05:53 AM
  2. AV-botting without breaking the TOS?
    By Yorii in forum WoW PvP & Battlegrounds
    Replies: 5
    Last Post: 02-04-2008, 06:49 AM
  3. Breaking The Rules
    By DrSeven in forum World of Warcraft General
    Replies: 9
    Last Post: 11-06-2006, 10:02 AM
All times are GMT -5. The time now is 10:31 AM. Powered by vBulletin® Version 4.2.3
Copyright © 2024 vBulletin Solutions, Inc. All rights reserved. User Alert System provided by Advanced User Tagging (Pro) - vBulletin Mods & Addons Copyright © 2024 DragonByte Technologies Ltd.
Digital Point modules: Sphinx-based search