Asher Guitars WD Music Products Amplified Parts Mod Kits DIY Nordstarnd Pickups darrenriley.com
Asher Guitars WD Music Products Amplified Parts Mod Kits DIY Nordstarnd Pickups Warmoth.com
Asher Guitars WD Music Products Amplified Parts Mod Kits DIY Nordstarnd Pickups Warmoth.com

Maybe it’s time for this forum to become a secure site? Just asking

Discussion in 'Forum Problems & Issues' started by tap4154, Sep 17, 2018.

  1. tap4154

    tap4154 Poster Extraordinaire Silver Supporter

    Apr 14, 2009
    Southern California
    As has been commmented in threads many times before, when you login here you get a warning that it’s not a secure site, then we see all the Chinese spam that keep coming back. Almost this entire bad dog café is spam now. Personally I’m starting to stay away because I’m thinking I’m going to get some malicious virus. Love the forum, but it’s got to be maintained guys. That said, I really feel for you guys having to deal with this, but something needs to change in my humble opinion.
     
    JL_LI, 5ofeight, Doctorx33 and 3 others like this.

  2. WetBandit

    WetBandit Friend of Leo's

    Age:
    28
    Oct 11, 2016
    37804
    Agreed.
     
    tap4154 likes this.

  3. Freejack

    Freejack Friend of Leo's Ad Free Member

    Age:
    61
    Apr 26, 2011
    Nederland, CO
    The secure site warning has nothing to do with the spammer. You’d still get the same spam postings.

    The x509 certificates simply use a public/private key pair to encrypt all traffic between your browser and this site. It prevents man-in-middle attacks.

    To use a snail mail example.

    This site sends traffic like you’d mail a post card. Anyone who gets the post card while it’s going from here to there can read what’s on it.

    A man in the middle attack would be someone changing what was written on the card.

    With certificates, it’s similar to a sealed letter. No one can readwhat’s in it or change it. They’d have to open the envelope (crack the encryption) to modify it.


    For spammers, the site needs to implement better sign up processes. Can’t create a post until they’ve been on the site a week or until they respond to 10 posts. Worst case, the have to be approved by a moderator or admin. When I had my forums, I had to approve all members. I’d search the username and IP and if reported as a spammer, block the IP. But it’s a bit ofwork. Unpaid work.

    Anyway. Hope that helps.

    Carl
     

  4. jhundt

    jhundt Doctor of Teleocity

    Age:
    64
    Mar 23, 2003
    Netherlands
    that's strange... I had one or two incidents of Chinese(?) spam, but I ignored the posters. I haven't seen anything for more for several days, maybe even weeks. Don't see anything in the 'new posts' section either. It's all working same as it ever was for me.
     
    waparker4, Mike SS, thegeezer and 3 others like this.

  5. Freejack

    Freejack Friend of Leo's Ad Free Member

    Age:
    61
    Apr 26, 2011
    Nederland, CO
    Yea, I’ve seen four or five bursts but I also ignore the spammer. I’m also using an extensive malware/adware blocker at the house. But I’d absolutely say, do not click on the links and you’ll likely avoid viruses.

    Note that you have a chance of getting a virus or other hijacking program by not blocking ads. Many of the recent ones are drive-bys where the ad company is fooled.

    Carl
     

  6. blowtorch

    blowtorch Telefied Ad Free Member

    May 2, 2003
    Wisco
    No reason for it to be a "Secure" site. no one's buying or selling anything
     
    dlew919 likes this.

  7. Freejack

    Freejack Friend of Leo's Ad Free Member

    Age:
    61
    Apr 26, 2011
    Nederland, CO
    The problem is the belief that net traffic should be encrypted. Since chrome and firefox both bark at sites not configured with a certificate, it might be helpful, fewer such warnings, to get a certificate. As I noted elsewhere, free ones are available, letsencrypt for example.

    Carl
     
    TokyoPortrait likes this.

  8. Obsessed

    Obsessed Doctor of Teleocity Silver Supporter

    Nov 21, 2012
    Montana
    +1 Yup, me too. Just hit ignore and go on. Finally they hardly ever show up on my screen anymore.

    Besides, too many insecure tele players for alternative actions.;)
     

  9. tap4154

    tap4154 Poster Extraordinaire Silver Supporter

    Apr 14, 2009
    Southern California
    I don't know... I kind of like the sealed letter approach, rather than the one where the middle man can read or change what's written on it. And unless I've been misunderstanding this, folks who own this site are actually making money by running the site, so it's not a charity operation.
     
    WetBandit likes this.

  10. WetBandit

    WetBandit Friend of Leo's

    Age:
    28
    Oct 11, 2016
    37804
    Oops, we agree again...
     

  11. blowtorch

    blowtorch Telefied Ad Free Member

    May 2, 2003
    Wisco
    So , start your own "secure" site.....
     
    nojazzhere likes this.

  12. Freejack

    Freejack Friend of Leo's Ad Free Member

    Age:
    61
    Apr 26, 2011
    Nederland, CO
    No argument there but it has nothing to do with the spam :) Folks will see the same warning on other sitesthat don’t use certificates. It’s annoying to manage. Last I heard, letsencrypt had a fairly short expiration period, 6 months. Someone created an auto-reencrypt tool but it just adds to the annoyance. I’m for it. Back in the day, it was $100 a year for an official cert. Not cheap for someone hosting a hobby site.

    Carl
     

  13. Nick Fanis

    Nick Fanis Friend of Leo's Ad Free Member

    Mar 3, 2003
    Athens-GREECE
    This and only this.
     

  14. Frank'n'censed

    Frank'n'censed Doctor of Teleocity

    Mar 27, 2011
    Parts Unknown
    Not quite sure about how some claim to see no spam for several days? Cuz if you’re here most days, like myself, they show up frequently. Counting my ignore list, there’s roughly about 40 spammers
     
    bender66 likes this.

  15. Freejack

    Freejack Friend of Leo's Ad Free Member

    Age:
    61
    Apr 26, 2011
    Nederland, CO
    The game forum I’m on has the 10 replys before you can create a new thread method. I seldom see spam there and it’s a pretty heavily used site (rpg.net).

    Carl
     

  16. Freejack

    Freejack Friend of Leo's Ad Free Member

    Age:
    61
    Apr 26, 2011
    Nederland, CO
    I doubt the mods are ignoring them. While I’m on the site daily, I’m not reading threads constantly. I have work to do :) plus the other forums I’m on plus news plus just playing guitar. :)

    Carl
     

  17. william tele

    william tele Doctor of Teleocity Ad Free Member

    Nov 7, 2009
    Kansas City, MO
    I wish I could get someone to tell me why it's impossible to set posting parameters to prohibit foreign lanquage characters?
     
    nojazzhere likes this.

  18. Frank'n'censed

    Frank'n'censed Doctor of Teleocity

    Mar 27, 2011
    Parts Unknown
    I’m not suggesting the mods are ignoring them for a second, just responding to some of the previous forum member’s replies to this specific thread
     

  19. Tonetele

    Tonetele Friend of Leo's

    Jun 2, 2009
    South Australia
    I have been "scammed" $5,000 and recently an attempt was made on my computer for a further $,5000. What was frightening was some of my account numbers and old passwords appeared.
    I immediately had it cleaned professionally by an ex military electronics engineer.
    So , when I see these Chinese/Asian language spams I get immediately fearful and get of this site. That is a pity as I am genuinely interested in what others have to say ( often I don't comment).
    I'm sure the moderators are doing their best as it was a mess 4 hours ago.
     

  20. tap4154

    tap4154 Poster Extraordinaire Silver Supporter

    Apr 14, 2009
    Southern California
    $100 compared to how much any of us who subscribe in combination pay? Again, this is not a charity site, folks make money running this site. Maybe we aren’t giving credit card numbers across this site, but there’s other information that hackers could get that could lead to other things? If your password here is used on other sites, it’s exposed. As is your date of birth and other information. Also personal information you may disclose in your posts.
     

IMPORTANT: Treat everyone here with respect, no matter how difficult!
No sex, drug, political, religion or hate discussion permitted here.