Page 1 of 1

Sycrar Art Forum needs to adopt HTTPS to protect passwords.

PostPosted: Tue Jun 27, 2017 8:08 am
by tokigami.kineko
Without HTTPS, it is straightforward for bad hackers to steal passwords when users log in.

This forum hasn't attracted a hacker, yet. But, it could someday.

I surmise any aspiring hacker would hack this board for practice or fun at some point in the future.

It's time to lock the safe before a thief comes.

Sycrar Art Forum needs to adopt HTTPS to protect passwords.

PostPosted: Tue Jun 27, 2017 8:14 am
by Ambiguity
None of us here know how to do that, and afaik only sycra has server side access.

Sycrar Art Forum needs to adopt HTTPS to protect passwords.

PostPosted: Mon Jul 03, 2017 11:39 am
by azarga
Tbh I couldn't care less about my forum password and email being stolen.
Nothing important is at risk.

Sycrar Art Forum needs to adopt HTTPS to protect passwords.

PostPosted: Sun Aug 27, 2017 12:09 pm
by Neevie
Hey hi :) there is a site called https://letsencrypt.org/ where you can get a free certificate for a https site. You guys who helped to programm the site could help to move the site to https.
This link https://www.keycdn.com/blog/http-to-https/ is a complete guide to migrate http to https. Even if your site is written in html the migration should work.
Yes you need server side access. So probably sycra must read this first. I don`t know how much time he has to do this or if he is active in the forum.
And I don`t know how much he spends on the certificate for his server now. But with https you have less problems e.g spam bots, security etc.

I really like this forum guys. And I did read the terms and conditions xD

edit : oh and I scaned sycras site with copyscape. You have several Scrapers...these are bandit bots. They steal and duplicate content, as well as e-mail addresses.

"Scraper bots normally focus on retrieving data from a specific website. They also try to collect personal information from directories or message boards. While scraper bots target a variety of different verticals, common industries include online directories, airlines, e-commerce sites and online property sites. Scraper bots will also use your content to intercept web traffic. Additionally, multiple pieces of scraped content can be scrambled together to make new content and allow them to avoid duplicate content penalties.

What’s at risk: Scrapers grab your RSS feed so they know when you publish content. However, if you don't know that your site is being attacked by scrapers, you may not realize there's a problem. In the eyes of Google, however, ignorance is no excuse. Your website could be hit by severe penalties for duplicate content and even fail to appear in search engine rankings.

How to fight back: Be proactive and attentive to your site, thus increasing the likelihood that you can take action before severe damage is done." by https://moz.com/blog/how-to-prevent-hac ... ur-website

here the results : http://www.copyscape.com/?q=http%3A%2F% ... 2Fforum%2F

Just wanted to help somehow

Sycrar Art Forum needs to adopt HTTPS to protect passwords.

PostPosted: Wed Dec 20, 2017 1:09 am
by Bugpal Hopeday
Seconding the above. Major browsers have moved from treating https as optional to flagging http as dangerous. So even if the effects of data being leaked would be minor (not sure), the other issue is it might scare new users off when they see a flashing danger sign.

Sycrar Art Forum needs to adopt HTTPS to protect passwords.

PostPosted: Wed Dec 20, 2017 2:50 pm
by Ambiguity
Sycra is still the only one who can do anything about it, I suggest PMing him if it really matters to you, but the peeps who helped him with the code before haven't been around here for a long while so I don't even know if he'll be able to do anything about it.