register gallery
 

Go Back   Mazdaspeed Forums > MSF News And Event Info > Site News & Events > Website Help/Feedback

Website Help/Feedback If you have problems or suggestions for the forum, post here.


Welcome to Mazdaspeed Forums .

You are currently viewing our boards as a guest which gives you limited access to view most discussions and access our other features. By joining our free community you will have access to post topics, communicate privately with other members (PM), respond to polls, upload content and access many other special features. Registration is fast, simple and absolutely free so please, join our community today!

If you have any problems with the registration process or your account login, please contact contact us.

*When you join MSF as a registered user, there will be No Ads.

*Registered Members get access to the Off Topic Area of the Forum

*Registered Members have an opportunity to upgrade their accounts to VIP, which brings a host of goddies for supporting MSF such as Raffles, Additional Forum Access, More PM Storage, The ability to upload more Images and many other enhancements.

*Registered members also get access to the live chat box!
Reply
 
Bookmark and Share LinkBack Thread Tools Search this Thread Display Modes
 Old 06-13-2018, 04:05 PM   #1
 
Fuzzies's Avatar
 
Join Date: Jun 2018
Location: Truckee, CA
Posts: 4   (View Stats)
iTrader: (0)
Rep Power: 0
Fuzzies is an unknown quantity at this point
Thanks: 0
Thanked 0 Times in 0 Posts
Groans: 0
Groaned at 0 Times in 0 Posts
(Thread Starter)
Not Ranked  0 score     
Default No HTTPS?

Is there a technical reason as to why https is not enabled on this site? This prevents data from your computer the servers hosting the forum from creating an encrypted connection and ends up passing any data (including usernames and passwords!) as plaintext data that anyone between your computer and the servers to be able to see everything. This includes someone snooping on your browsing via and open no password, or shared wifi network.

I work in IT and just pointing out some things I noticed. If the admins have any questions they can PM me.
Fuzzies is offline   Reply With Quote
 Old 06-13-2018, 04:34 PM   #2
 
kTaLgsTo's Avatar
 
Join Date: Dec 2017
Location: Idaho
Posts: 566   (View Stats)
iTrader: (0)
Rep Power: 0
kTaLgsTo is the leader of the worldkTaLgsTo is the leader of the worldkTaLgsTo is the leader of the worldkTaLgsTo is the leader of the worldkTaLgsTo is the leader of the worldkTaLgsTo is the leader of the worldkTaLgsTo is the leader of the worldkTaLgsTo is the leader of the worldkTaLgsTo is the leader of the worldkTaLgsTo is the leader of the worldkTaLgsTo is the leader of the world
Thanks: 84
Thanked 214 Times in 146 Posts
Groans: 10
Groaned at 1 Time in 1 Post
Not Ranked  0 score     
Default

This forum is old and ded, whatever it is currently at, set to, and/or running on, is what it will be until someone buys the rights from the current owner.
__________________
2011 MS3 Tech - 2008 Jeep Grand Cherokee CRD - 1989 Crown Vic LTD LX - 1985 Lincoln Town Car Signature
The key to happiness is owning a car ridiculously slower than your 'fast' car.
kTaLgsTo is offline   Reply With Quote
 Old 12-31-2018, 06:30 PM   #3
 
mgeoffriau's Avatar
 
Join Date: Mar 2014
Posts: 17   (View Stats)
iTrader: (0)
Rep Power: 64
mgeoffriau has a spectacular aura aboutmgeoffriau has a spectacular aura about
Thanks: 0
Thanked 4 Times in 3 Posts
Groans: 0
Groaned at 1 Time in 1 Post
Not Ranked  0 score     
Default

Just bumping this thread.

1. HTTPS needs to be enabled by default. All that's required is a redirect to HTTPS when the site first loads.

2. A valid SSL certificate needs to be installed. The current one expired in 2011 and doesn't include the hostname as a SAN. Let's Encrypt is providing SSL certificates for free, I'm guessing there's probably a plugin for the forum server software that will handle this.

As an aside, anyone with an account here needs to be using a password completely different from any other password you use on the Internet.
__________________
2009 MS3 | Pretty Much Stock

Last edited by mgeoffriau; 12-31-2018 at 06:30 PM. Reason: MSF Database - Automerged Doublepost
mgeoffriau is offline   Reply With Quote
 Old 12-31-2018, 08:06 PM   #4
MSF's Punishing Member
 
Pu Manchu's Avatar
 
Join Date: Apr 2011
Posts: 2,942   (View Stats)
iTrader: (7)
Rep Power: 2770
Pu Manchu is the leader of the worldPu Manchu is the leader of the worldPu Manchu is the leader of the worldPu Manchu is the leader of the worldPu Manchu is the leader of the worldPu Manchu is the leader of the worldPu Manchu is the leader of the worldPu Manchu is the leader of the worldPu Manchu is the leader of the worldPu Manchu is the leader of the worldPu Manchu is the leader of the world
Thanks: 5,148
Thanked 5,289 Times in 1,843 Posts
Groans: 541
Groaned at 179 Times in 116 Posts
Not Ranked  0 score     
Default

this website already got hacked way back, look it up, https ain't gonna save you.
__________________
94 M
06 MS6
Pu Manchu is offline   Reply With Quote
 Old 01-01-2019, 10:25 AM   #5
 
mgeoffriau's Avatar
 
Join Date: Mar 2014
Posts: 17   (View Stats)
iTrader: (0)
Rep Power: 64
mgeoffriau has a spectacular aura aboutmgeoffriau has a spectacular aura about
Thanks: 0
Thanked 4 Times in 3 Posts
Groans: 0
Groaned at 1 Time in 1 Post
Not Ranked  0 score     
Default

Not sure what your point is. No single thing solves all security issues. HTTPS is still a baseline requirement if you're passing any kind of sensitive information, including user credentials. It should take no more than 30 minutes to do (including signing up for an account with Let's Encrypt) and cost nothing.
__________________
2009 MS3 | Pretty Much Stock
mgeoffriau is offline   Reply With Quote
 Old 01-02-2019, 07:33 AM   #6
 
Fstrnyou's Avatar
 
Join Date: Jul 2016
Location: Near Charlotte NC
Posts: 2,328   (View Stats)
iTrader: (0)
Rep Power: 0
Fstrnyou is the leader of the worldFstrnyou is the leader of the worldFstrnyou is the leader of the worldFstrnyou is the leader of the worldFstrnyou is the leader of the worldFstrnyou is the leader of the worldFstrnyou is the leader of the worldFstrnyou is the leader of the worldFstrnyou is the leader of the worldFstrnyou is the leader of the worldFstrnyou is the leader of the world
Thanks: 52
Thanked 629 Times in 490 Posts
Groans: 21
Groaned at 6 Times in 5 Posts
Not Ranked  0 score     
Default

Hint: don't pass sensitive information on forums.
__________________
'06 MS6 GT-167k Miles(Forged@157,116)
Manley Pistons & Rods, King Bearings
Stock Head/Cams, Stock Int/Exh Manifolds
Versatuner, 3-bar MAP, ITV22, CP-e TMIC
CS Turbo/DP/RP/HPFP/BPV/R-DiffMount
White Widow F-DiffMount, Whiteline RSB
Rear Russian Bushings, Poly FSB Bushings
Magnaflow CBE, ACT 6-puck/Streetlite
JBR Tru-3.5/3-port EBCS/EGR-D
Damond RMM/PMM/OCC/PCV Plate
Other rides:
2014 F-150 XLT SuperCrew Ecoboost
2002 Tacoma ExtCab 2.4L 5spd 2WD
2004 Olds Alero ECOtec 2.2 - Broken
History:
2008 GSX-R 1000 - Stolen
1988 RX-7 TII - Sold (13.467 @ 105.44)
1985 Camaro - Sold (est. 265bhp 5.7 swap, Edelbrock intake & Hooker headers)
http://www.mazdaspeedforums.org/forum/redirect-to/?redirect=http%3A%2F%2Fcse.google.com%2Fcse%3Fcx%3 D007197676933930921148%3Apwlh1e31oxu%23gsc.tab%3D0
Fstrnyou is offline   Reply With Quote
The Following User Says Thank You to Fstrnyou For This Useful Post:
monkey.bones.007 (01-02-2019)
 Old 01-02-2019, 08:35 AM   #7
 
mgeoffriau's Avatar
 
Join Date: Mar 2014
Posts: 17   (View Stats)
iTrader: (0)
Rep Power: 64
mgeoffriau has a spectacular aura aboutmgeoffriau has a spectacular aura about
Thanks: 0
Thanked 4 Times in 3 Posts
Groans: 0
Groaned at 1 Time in 1 Post
Not Ranked  0 score     
Default

Originally Posted by Fstrnyou View Post
Hint: don't pass sensitive information on forums.
Passwords are sensitive information.
__________________
2009 MS3 | Pretty Much Stock
mgeoffriau is offline   Reply With Quote
 Old 01-02-2019, 08:38 AM   #8
 
Fstrnyou's Avatar
 
Join Date: Jul 2016
Location: Near Charlotte NC
Posts: 2,328   (View Stats)
iTrader: (0)
Rep Power: 0
Fstrnyou is the leader of the worldFstrnyou is the leader of the worldFstrnyou is the leader of the worldFstrnyou is the leader of the worldFstrnyou is the leader of the worldFstrnyou is the leader of the worldFstrnyou is the leader of the worldFstrnyou is the leader of the worldFstrnyou is the leader of the worldFstrnyou is the leader of the worldFstrnyou is the leader of the world
Thanks: 52
Thanked 629 Times in 490 Posts
Groans: 21
Groaned at 6 Times in 5 Posts
Not Ranked  0 score     
Default

Maybe I'm unique and don't care if someone gets my forum password and jacks up all my posts or deletes them.
__________________
'06 MS6 GT-167k Miles(Forged@157,116)
Manley Pistons & Rods, King Bearings
Stock Head/Cams, Stock Int/Exh Manifolds
Versatuner, 3-bar MAP, ITV22, CP-e TMIC
CS Turbo/DP/RP/HPFP/BPV/R-DiffMount
White Widow F-DiffMount, Whiteline RSB
Rear Russian Bushings, Poly FSB Bushings
Magnaflow CBE, ACT 6-puck/Streetlite
JBR Tru-3.5/3-port EBCS/EGR-D
Damond RMM/PMM/OCC/PCV Plate
Other rides:
2014 F-150 XLT SuperCrew Ecoboost
2002 Tacoma ExtCab 2.4L 5spd 2WD
2004 Olds Alero ECOtec 2.2 - Broken
History:
2008 GSX-R 1000 - Stolen
1988 RX-7 TII - Sold (13.467 @ 105.44)
1985 Camaro - Sold (est. 265bhp 5.7 swap, Edelbrock intake & Hooker headers)
http://www.mazdaspeedforums.org/forum/redirect-to/?redirect=http%3A%2F%2Fcse.google.com%2Fcse%3Fcx%3 D007197676933930921148%3Apwlh1e31oxu%23gsc.tab%3D0
Fstrnyou is offline   Reply With Quote
 Old 01-02-2019, 08:41 AM   #9
 
mgeoffriau's Avatar
 
Join Date: Mar 2014
Posts: 17   (View Stats)
iTrader: (0)
Rep Power: 64
mgeoffriau has a spectacular aura aboutmgeoffriau has a spectacular aura about
Thanks: 0
Thanked 4 Times in 3 Posts
Groans: 0
Groaned at 1 Time in 1 Post
Not Ranked  0 score     
Default

Originally Posted by Fstrnyou View Post
Maybe I'm unique and don't care if someone gets my forum password and jacks up all my posts or deletes them.
I'd argue that isn't ideal for a forum regardless, but given that HTTPS is basically standard across the board for any login to websites, many people assume it is secure and reuse the same password across different sites.

Security policies and practices should reflect how people actually use things, not ideal world scenarios.
__________________
2009 MS3 | Pretty Much Stock
mgeoffriau is offline   Reply With Quote
The Following User Says NO Thank You to mgeoffriau For This Un-useful Post:
Db09ms3 (01-02-2019)
Reply


Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On



All times are GMT -7. The time now is 04:32 PM.
Powered by vBulletin® Version 3.8.6
Copyright ©2000 - 2019, Jelsoft Enterprises Ltd.
SEO by vBSEO ©2011, Crawlability, Inc.
vB.Sponsors
Template-Modifications by TMS
©Copyright 2008 ; 2019 Cymru Internet Services LLC | FYHN™ Autosports HQ
Ad Management plugin by RedTyger
Page generated in 0.28870 seconds with 23 queries