SSL Cert

Started by megarek, July 02, 2011, 10:12:18 PM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

Bjw

actually no mindless.I downloaded the v2 version from Btdev.About 3 or 4 weeks ago.I went through your updated files here also.I had minor problems at first but as the site got loaded up Things would pop up.Even the body problem on the forums on the newest release I had to edit.I am not complaining here at all.I think there are some issues depending on what operating systems we are using that may not show up until it is actually being put under different conditions.MrRep thanks I was thinking to much :) your help is appreciated.

Thanks mindless for all your work

Mindless

#14
If you would update your files from SVN like yer supposed to then half the things you post about are already done ages ago, no excuse what so ever for no using up to date code. The mod is posted on Btdev - It is a 2 second job to remove again no excuses for simple stuff like this man, the full system has been worked on ages ago and the test site code along with SVN code all updated but let me guess your files are from ages ago cos theres no other reason this would happen.

MrRep

remove the redirect on the .htaccess ;)

Bjw

yes it is doing the same for me even if I disable it and run sql to have it off on all users it still moves back to https.There appears to be no way of stopping it.I even edited the config to have it http on the server only but still goes back to the https.I also deleted cookies and cache in ff and still it will move back to https.I don't have a problem with the torrents but the mybonus.php will not work as it will do the I smell a rat because of the https.Also I have noticed that with the https ssl it seems to slow the site down a lot with many users on it and running 6000 torrents.I no I can fix the mybonus.php but to be honest I would like to have the option of cutting off ssl .Now if I turn off ssl on the server for the domain I am using them the site will not work.Kind of stuck with it for now.
I wanted this one to be my last switch fo a long time but I may have to change all of it one more time if this all keeps going like it is :)

Thanks for any suggestions

stoner

Quote from: megarek on July 02, 2011, 10:29:19 PM
OK, thanks for your time Mindless.

I wont be deleting the code though, i'll be looking into getting a Cert!

Once again thanks.... and its an awesome source, hence not deleteing :)

The only issue I know of with seedboxes, is Rtorrent does not like self signed certs.  There is a work around for it, where you can add the cert manually to the seedbox server and call it up in the .rtorrent.rc file.  I will try and get something written up for it, if I get some time off later.  BUT, its prolly a bit much for a standard seedbox user, as most prolly wont even have enough access to there slice to do it.

Best bet is to buy a SSL cert from a reputable company, should only cost around

Bjw

delete your cookie.Go to the config and change the https to http.Or edit your login.php and remove the checkbox or boxes .I agree with mindless enableing ssl on your server is a simple matter .Hmm I deal in linux rofl don't know a damm thing about windows though but google is my best friend.You should enable ssl.

Now I can add a certificate through directadmin .So as this thread progresses I would like to get rid of the warning with code or a self generating certificate.I am a penny pincher

kiran474

SSL Install & Self signed certificate on Debian lenny

apt-get install openssl

if u have apache 2

/usr/sbin/make-ssl-cert /usr/share/ssl-cert/ssleay.cnf /etc/apache2/ssl/apache.pem

it will ask server name for self sign certificate enter it

above step will create 2 files in /etc/apache2/ssl

then add Listen 443 inside <IfModule mod_ssl.c> in  /etc/apache2/ports.conf
Listen 443

To enable ssl

a2ensite default-ssl
a2enmod ssl

Mindless

Yeah i'll do some sticky theads soon.

megarek

OK, thanks... downloading zip now.

and in reguards to the SSL Cert, i am going to purchase one, i'm looking though potential supliers now.

Maybe you could instruct/post a thread on creating your own cert... Or is that asking too much?

Thanks

Mindless

#6
Remember to replace your root .htaccess file, i updated SVN and rar today - You can even create certs yourself like i have here, i can post the instruct for removal if you need its only over a few files. I mean SSL wont stop ye getting busted but it does provide a extra layer for protecting your members i guess.

megarek

OK, thanks for your time Mindless.

I wont be deleting the code though, i'll be looking into getting a Cert!

Once again thanks.... and its an awesome source, hence not deleteing :)

Mindless

#4
Yes remove the code - the mod is posted on Tbdev and Btdev by putyn - Your site is illegal and you know that as everyone does, dont you think you should spend 10 minutes and install SSL, i dont put it in the code as default for fun theres a perfectly valid reason for it. And make sure you Update the .htaccess from SVN or here as it has a forced rewrite rule on it which shouldnt be there and take my advice get the SSL installed.

megarek

#3
But is there anyway of stopping it all together, so its not even selectable at the login page?

And on a side note, even if i login with them unticked... it is still secure - https, i would like to be http as its causing errors on our torrents on seedboxes.

Cheers

MrRep

log out, and unselect ssl on the login page.

megarek

Sorry to ask....

But is there anyway of stopping/"editing" out the SSL Certificate?

No matter what i try the site always directs to https

Thanks