Stamp Community Family of Web Sites
Stamp Community Forum
Username:
Password:
Save Password
Forgot your Password?

Welcome Guest! Need help? Got a question? Inherit some stamps?
Our stamp forum is completely free! Register Now!

Log in question when using FireFox  
 

 
To participate in the forum you must log in or register.
Author Previous Topic Topic Next Topic  
Valued Member
Learn More...
United States
158 Posts
Posted 11/08/2016   09:47 am  Show Profile Bookmark this topic Add wheelman to your friends list  Get a Link to this Message
Anyone have any idea why I keep getting the attached message when logging in through FireFox?? It keeps reappearing every time changing screens. Very annoying! No problem with Internet Explorer.



*** Moved by Staff to a more appropriate forum. ***
Send note to Staff

Pillar Of The Community
United States
4282 Posts
Posted 11/08/2016   10:12 am  Show Profile Check Petert4522's eBay Listings Bookmark this reply Add Petert4522 to your friends list  Get a Link to this Reply
I use Firefox and I do not get that. However, when I use Chrome I sometimes get a similar message that won't quit. I ran my anti virus program and it went away.

Peter
Send note to Staff  Go to Top of Page
Pillar Of The Community
United States
1627 Posts
Posted 11/08/2016   10:18 am  Show Profile Bookmark this reply Add PostmasterGS to your friends list  Get a Link to this Reply
This is usually caused by having your login info in the bookmarked URL. Change your bookmark to just the basic URL and see if that fixes the problem.

Example:

Don't have it set like this -- http://myusername:mypassword --at-sign-- stampcommunity.org

Have it set to this -- https://www.stampcommunity.org
Send note to Staff  Go to Top of Page


Presenting the GermanStamps.net Collection - Germany, Colonies, & Occupied Territories, 1872-1945
Edited by PostmasterGS - 11/08/2016 10:23 am
Moderator
Learn More...
United States
4360 Posts
Posted 11/10/2016   11:06 am  Show Profile Bookmark this reply Add kirks to your friends list  Get a Link to this Reply
Yeah. Don't do that.

Also %2E is the . (period) character. Not sure how/why it was 'encoded' that way.

You've probably seen %20 in URLs when there is a SPACE in the address (also a bad idea).
Send note to Staff  Go to Top of Page
Valued Member
Learn More...
United States
158 Posts
Posted 01/09/2017   07:25 am  Show Profile Bookmark this reply Add wheelman to your friends list  Get a Link to this Reply
Guys - so sorry about the duplicity on this request. I did fix it back in November but looks like it came back somehow and I totally forgot about the previous request. In my defense - I am of that age group.
Send note to Staff  Go to Top of Page
Valued Member
United States
288 Posts
Posted 01/09/2017   08:40 am  Show Profile Bookmark this reply Add EricBismarck to your friends list  Get a Link to this Reply
The big browsers, including at least Firefox and Chrome (soon) (with Edge to follow suit) will be issuing this warning to any user logging into any website that does not use SSL (https) for encrypting traffic from end-to-end.

The reason for this is that on a non-ssl site, your password is sent as clear, unencrypted text over the wire.

StampCommunity would need to purchase an SSL cert and implement in order to stop these warnings from going away.

SSL Sites can easily be identified by the green icon that will show up in your address bar. (for example, just go to google.com and you will see that all google traffic is secure)

At some point in the future (a few years down the road), it is likely that browsers will actually prevent logins to non-secure sites.
Send note to Staff  Go to Top of Page
Pillar Of The Community
United States
4282 Posts
Posted 01/09/2017   08:56 am  Show Profile Check Petert4522's eBay Listings Bookmark this reply Add Petert4522 to your friends list  Get a Link to this Reply
My computer does not show any green on the SSL sites ( must be out of green ink! ). I am using FireFox and was told that to recognize a SSL site to look for the "s" after http in the address.


Peter
Send note to Staff  Go to Top of Page
Forum Dad
Learn More...
USA
1175 Posts
Posted 01/09/2017   10:15 am  Show Profile Bookmark this reply Add bobby131313 to your friends list  Get a Link to this Reply
Eric, you're so way off base. SSL has nothing to do with it (I've used FF forever and never seen it.), and absolutely isn't necessary for this site. In fact, if anyone forces me to get SSL here I'll just shut the place down or sell it. That's absurd. Between the coin forum and here there are over 2,000 posts a day, that's a ton of people logging in on 2 non-SSL sites every single day with only with 2 complaints. So not even close to the issue.
Send note to Staff  Go to Top of Page


Valued Member
United States
288 Posts
Posted 01/09/2017   12:57 pm  Show Profile Bookmark this reply Add EricBismarck to your friends list  Get a Link to this Reply
I was incorrect in the fact of the OP's error message, and I see along with the above folks who replied, that it has to do with sending the loginname/password direct in the URL- Wheelman - check your URL it might be malformed in the address bar

However, on SSL, the fact still remains: Mozilla and Chrome are both planning to deprecate HTTP.

It is a gradual phaseout, but it is happening as we speak. Chrome already is telling me that "This site is not secure". The warning will become more prominent in future version.

Luckily, SSL Certs have come down quite a bit in price...they will probably come down more soon. You can get them for around $50/year.

https://threatpost.com/chrome-to-la...2017/120452/

http://motherboard.vice.com/read/go...chrome-https

https://blog.dareboost.com/en/2016/...our-website/


Quote:

Chrome users who navigate to some HTTP sites will be notified, starting in January, they're on a site that isn't secure.

Google said today the browser will begin explicitly labeling HTTP connections that feature either a password or credit card form as non-secure. The company said the plan is its first step toward marking all HTTP sites as non-secure, though it didn't provide a timetable for the undertaking.


Send note to Staff  Go to Top of Page
Edited by EricBismarck - 01/09/2017 12:59 pm
Pillar Of The Community
1509 Posts
Posted 05/25/2017   4:43 pm  Show Profile Bookmark this reply Add I Brake For Stamps to your friends list  Get a Link to this Reply

Quote:
with only with 2 complaints


Three.

I use Firefox and I get that warning message every time I log in. I've checked all the things suggested in this topic and still have the problem. ("this site is not secure and my username and password could be compromised").




-IBFS
Send note to Staff  Go to Top of Page


All science is either Physics or Stamp Collecting. -- Ernest Rutherford
Forum Dad
Learn More...
USA
1175 Posts
Posted 05/26/2017   12:09 am  Show Profile Bookmark this reply Add bobby131313 to your friends list  Get a Link to this Reply
We will never go SSL here. It's just NOT necessary and it's COMPLETELY absurd that browsers "warn" you. We're not handling anything important here whatsoever.
Send note to Staff  Go to Top of Page


Pillar Of The Community
Canada
1891 Posts
Posted 05/26/2017   07:28 am  Show Profile Bookmark this reply Add area66 to your friends list  Get a Link to this Reply

Quote:
I use Firefox and I get that warning message every time I log in. I've checked all the things suggested in this topic and still have the problem.


Use Google, I have 0 issue.... and don't use your bank credential with forums. Firefox start to be anoying with their asking for donation.
Send note to Staff  Go to Top of Page
Edited by area66 - 05/26/2017 07:31 am
Pillar Of The Community
United States
1627 Posts
Posted 05/26/2017   08:29 am  Show Profile Bookmark this reply Add PostmasterGS to your friends list  Get a Link to this Reply
IBFS,

Are you getting the message posted in the OP of this thread, or the one shown at the top of this article.

If the second, this is a new "feature" of Firefox, and you're going to get it on any non-SSL site with a login. This is an unnecessary "feature", IMHO, for the reasons Bobby discusses above. If you want to get rid of the Firefox message, you can follow the steps at the article I linked.
Send note to Staff  Go to Top of Page


Presenting the GermanStamps.net Collection - Germany, Colonies, & Occupied Territories, 1872-1945
Pillar Of The Community
Learn More...
United States
2785 Posts
Posted 05/26/2017   11:36 am  Show Profile Check revenuecollector's eBay Listings Bookmark this reply Add revenuecollector to your friends list  Get a Link to this Reply

Quote:
We will never go SSL here. It's just NOT necessary and it's COMPLETELY absurd that browsers "warn" you. We're not handling anything important here whatsoever.


I don't want to sound contrarian or argumentative. That's not my intent. This is intended to provide some information/advice:

Not only will browsers be warning users any time a login/password is submitted to a non-SSL website, but Google at some point will be penalizing non-secure sites in their ranking algorithms.

As someone who owns 10+ websites, most of them small hobby sites that generate ZERO revenue, I was more than a little bit scared by this and the potential costs and technical hurdles with converting that many sites to SSL. As it turns out, it was FAR less onerous than expected, and cost me $0 out of pocket to convert all 10+ sites.

I converted all of my websites to SSL 2.5 weeks ago. If you go to revenue-collector.com, you'll see it's now a secure site.

A few notes:

1. You no longer have to purchase an SSL cert. https://LetsEncrypt.org is an open source CA provider and install and autorenewal (via AutoSSL) can be handled through cPanel/WHM. My hosting company installed SSL certs for all my domains in about 10 minutes. This option did not exist as little as a year ago. At that point I would have had to pay an annual fee for an SSL cert for every domain name. So cost should no longer be a barrier.

2. I had to set up .htaccess rules to perform transparent permanent redirects (301) from http:// to https:// for my pages and scripts. That is how image and page links I've posted here and other forums over the years all still work. It doesn't require going back and changing links at the source; the redirects take care of it all. This took a little bit of doing and some trial and error, but again my hosting company did all the heavy lifting. If desired, I can provide some sample .htaccess rules that were implemented on my sites.

3. The only thing I had to do then was check across my scripts for any explicit full URLs I had coded (I try to use relative paths whenever possible to avoid just this scenario), or any Meta HTTP redirects that redirected pages to new locations. The only reason this took as long as it did is that my perl code is ancient, dating back to the late 1990s, and is now a bit of a spaghetti mess. My own fault.

It was a daunting prospect beforehand, but in hindsight I should have done it sooner. It was nowhere near as difficult as expected. Most of my sites were fully functional as secure sites with 5-10 minutes of tweaking, and for my most complicated dynamic site it took a few days to get everything ironed out.

I'm not trying to tell you what to do; this is your ball game. I just wanted to give the perspective of someone who just recently went through the transition and came out relatively unscathed.
Send note to Staff  Go to Top of Page


Edited by revenuecollector - 05/26/2017 11:41 am
  Previous Topic Topic Next Topic  
 
To participate in the forum you must log in or register.
United States Postal Service, Now on eBay!United States Postal Service, Now on eBay!
New Forum Topics Recently Active Forum Topics
  Things you Probably Won't Find at Dealer Tables
  Very rare set of the 1949-50 Coat of Arms
  What is normal practice for reopening lots in a live auction?
  Precancel prices vs. Scott
  Is this considered offset on back of this stamp..?
  Scott 498 - different colours..??
  Minnesota Stamp Expo
  Advertising Pages from 1907 Scott
  Morocco Page not Usually seen in Big Blue
  Christmas Stamps of 1970 - Kiss Print or Double Print
  More cluelessness, as if no one was convinced yet
  Alaska Mass Flight Mail - 1934
  Guide lines and joint lines for coil pairs
  help me plate this scott 21 type III
  Complete set of Australian Framas
  Total eclipse scott number
  Early Ceylon with "CAVE" overprint
  Over & underinked embossed covers and 1 cut square
  Question Regarding Color of GB Scott 98
  Scott 1700a or 1700e
  Do you recognize this cancellation?
  Ebay netflix tax now impossed on all Australian ebay sellers
  Old Stamp Collection Book
  Has anyone seen this R155 overprint inking anomaly before?
  RB15c with bogus rouletting?

  My Australian Collection 1850 - 1965
  What is normal practice for reopening lots in a live auction?
  Classifying Official/Penalty Envelopes
  italy stamp imperf 1862-63 is this type I or type II,please help me identify?
  Things you Probably Won't Find at Dealer Tables
  Very rare set of the 1949-50 Coat of Arms
  Famous Architects
  Alaska Mass Flight Mail - 1934
  New to Plate Block Collecting
  Which stamp do you wish having that you don't have?
  Something strange on the back of this pair of revenue stamps
  Best catalog to purchase
  Morocco Page not Usually seen in Big Blue
  Need help! Have big collection of early stamps
  Reorganizing Scott International
  Precancel prices vs. Scott
  $2 Columbian MNH Full Pane of 100 - Auction Watch
  Is this considered offset on back of this stamp..?
  Advertising Pages from 1907 Scott
  help me plate this scott 21 type III
  Minnesota Stamp Expo
  One of these eBay sellers is a bit clueless
  Guide lines and joint lines for coil pairs
  Scott 498 - different colours..??
  Scott 1700a or 1700e

Disclaimer: While a tremendous amount of effort goes into ensuring the accuracy of the information contained in this site, Stamp Community assumes no liability for errors. Copyright 2005 - 2017 Stamp Community Family - All rights reserved worldwide. Use of any images or content on this website without prior written permission of Stamp Community or the original lender is strictly prohibited.
Privacy Policy / Terms of Use    Advertise Here
Stamp Community Forum © 2007 - 2014 Stamp Community Forums Go To Top Of Page
It took 0.86 seconds to lick this stamp. Powered By: Snitz Forums 2000 Version 3.4.05