Stamp Community Family of Web Sites
Stamp Community Forum
Username:
Password:
Save Password
Forgot your Password?

Welcome Guest! Need help? Got a question? Inherit some stamps?
Our stamp forum is completely free! Register Now!

Log in question when using FireFox  
 

 
To participate in the forum you must log in or register.
Author Previous Topic Topic Next Topic  
Valued Member
Learn More...
United States
153 Posts
Posted 11/08/2016   09:47 am  Show Profile Bookmark this topic Add wheelman to your friends list  Get a Link to this Message
Anyone have any idea why I keep getting the attached message when logging in through FireFox?? It keeps reappearing every time changing screens. Very annoying! No problem with Internet Explorer.



*** Moved by Staff to a more appropriate forum. ***
Send note to Staff

Pillar Of The Community
United States
4176 Posts
Posted 11/08/2016   10:12 am  Show Profile Check Petert4522's eBay Listings Bookmark this reply Add Petert4522 to your friends list  Get a Link to this Reply
I use Firefox and I do not get that. However, when I use Chrome I sometimes get a similar message that won't quit. I ran my anti virus program and it went away.

Peter
Send note to Staff  Go to Top of Page
Pillar Of The Community
United States
1609 Posts
Posted 11/08/2016   10:18 am  Show Profile Bookmark this reply Add PostmasterGS to your friends list  Get a Link to this Reply
This is usually caused by having your login info in the bookmarked URL. Change your bookmark to just the basic URL and see if that fixes the problem.

Example:

Don't have it set like this -- http://myusername:mypassword --at-sign-- stampcommunity.org

Have it set to this -- http://www.stampcommunity.org
Send note to Staff  Go to Top of Page


Presenting the GermanStamps.net Collection - Germany, Colonies, & Occupied Territories, 1872-1945
Edited by PostmasterGS - 11/08/2016 10:23 am
Moderator
Learn More...
United States
4353 Posts
Posted 11/10/2016   11:06 am  Show Profile Bookmark this reply Add kirks to your friends list  Get a Link to this Reply
Yeah. Don't do that.

Also %2E is the . (period) character. Not sure how/why it was 'encoded' that way.

You've probably seen %20 in URLs when there is a SPACE in the address (also a bad idea).
Send note to Staff  Go to Top of Page
Valued Member
Learn More...
United States
153 Posts
Posted 01/09/2017   07:25 am  Show Profile Bookmark this reply Add wheelman to your friends list  Get a Link to this Reply
Guys - so sorry about the duplicity on this request. I did fix it back in November but looks like it came back somehow and I totally forgot about the previous request. In my defense - I am of that age group.
Send note to Staff  Go to Top of Page
Valued Member
United States
288 Posts
Posted 01/09/2017   08:40 am  Show Profile Bookmark this reply Add EricBismarck to your friends list  Get a Link to this Reply
The big browsers, including at least Firefox and Chrome (soon) (with Edge to follow suit) will be issuing this warning to any user logging into any website that does not use SSL (https) for encrypting traffic from end-to-end.

The reason for this is that on a non-ssl site, your password is sent as clear, unencrypted text over the wire.

StampCommunity would need to purchase an SSL cert and implement in order to stop these warnings from going away.

SSL Sites can easily be identified by the green icon that will show up in your address bar. (for example, just go to google.com and you will see that all google traffic is secure)

At some point in the future (a few years down the road), it is likely that browsers will actually prevent logins to non-secure sites.
Send note to Staff  Go to Top of Page
Pillar Of The Community
United States
4176 Posts
Posted 01/09/2017   08:56 am  Show Profile Check Petert4522's eBay Listings Bookmark this reply Add Petert4522 to your friends list  Get a Link to this Reply
My computer does not show any green on the SSL sites ( must be out of green ink! ). I am using FireFox and was told that to recognize a SSL site to look for the "s" after http in the address.


Peter
Send note to Staff  Go to Top of Page
Forum Dad
Learn More...
USA
1160 Posts
Posted 01/09/2017   10:15 am  Show Profile Bookmark this reply Add bobby131313 to your friends list  Get a Link to this Reply
Eric, you're so way off base. SSL has nothing to do with it (I've used FF forever and never seen it.), and absolutely isn't necessary for this site. In fact, if anyone forces me to get SSL here I'll just shut the place down or sell it. That's absurd. Between the coin forum and here there are over 2,000 posts a day, that's a ton of people logging in on 2 non-SSL sites every single day with only with 2 complaints. So not even close to the issue.
Send note to Staff  Go to Top of Page


Valued Member
United States
288 Posts
Posted 01/09/2017   12:57 pm  Show Profile Bookmark this reply Add EricBismarck to your friends list  Get a Link to this Reply
I was incorrect in the fact of the OP's error message, and I see along with the above folks who replied, that it has to do with sending the loginname/password direct in the URL- Wheelman - check your URL it might be malformed in the address bar

However, on SSL, the fact still remains: Mozilla and Chrome are both planning to deprecate HTTP.

It is a gradual phaseout, but it is happening as we speak. Chrome already is telling me that "This site is not secure". The warning will become more prominent in future version.

Luckily, SSL Certs have come down quite a bit in price...they will probably come down more soon. You can get them for around $50/year.

https://threatpost.com/chrome-to-la...2017/120452/

http://motherboard.vice.com/read/go...chrome-https

https://blog.dareboost.com/en/2016/...our-website/


Quote:

Chrome users who navigate to some HTTP sites will be notified, starting in January, they're on a site that isn't secure.

Google said today the browser will begin explicitly labeling HTTP connections that feature either a password or credit card form as non-secure. The company said the plan is its first step toward marking all HTTP sites as non-secure, though it didn't provide a timetable for the undertaking.


Send note to Staff  Go to Top of Page
Edited by EricBismarck - 01/09/2017 12:59 pm
Pillar Of The Community
1506 Posts
Posted 05/25/2017   4:43 pm  Show Profile Bookmark this reply Add I Brake For Stamps to your friends list  Get a Link to this Reply

Quote:
with only with 2 complaints


Three.

I use Firefox and I get that warning message every time I log in. I've checked all the things suggested in this topic and still have the problem. ("this site is not secure and my username and password could be compromised").




-IBFS
Send note to Staff  Go to Top of Page


All science is either Physics or Stamp Collecting. -- Ernest Rutherford
Forum Dad
Learn More...
USA
1160 Posts
Posted Yesterday   12:09 am  Show Profile Bookmark this reply Add bobby131313 to your friends list  Get a Link to this Reply
We will never go SSL here. It's just NOT necessary and it's COMPLETELY absurd that browsers "warn" you. We're not handling anything important here whatsoever.
Send note to Staff  Go to Top of Page


Pillar Of The Community
Canada
1685 Posts
Posted Yesterday   07:28 am  Show Profile Bookmark this reply Add area66 to your friends list  Get a Link to this Reply

Quote:
I use Firefox and I get that warning message every time I log in. I've checked all the things suggested in this topic and still have the problem.


Use Google, I have 0 issue.... and don't use your bank credential with forums. Firefox start to be anoying with their asking for donation.
Send note to Staff  Go to Top of Page
Edited by area66 - Yesterday 07:31 am
Pillar Of The Community
United States
1609 Posts
Posted Yesterday   08:29 am  Show Profile Bookmark this reply Add PostmasterGS to your friends list  Get a Link to this Reply
IBFS,

Are you getting the message posted in the OP of this thread, or the one shown at the top of this article.

If the second, this is a new "feature" of Firefox, and you're going to get it on any non-SSL site with a login. This is an unnecessary "feature", IMHO, for the reasons Bobby discusses above. If you want to get rid of the Firefox message, you can follow the steps at the article I linked.
Send note to Staff  Go to Top of Page


Presenting the GermanStamps.net Collection - Germany, Colonies, & Occupied Territories, 1872-1945
Pillar Of The Community
Learn More...
United States
2721 Posts
Posted Yesterday   11:36 am  Show Profile Check revenuecollector's eBay Listings Bookmark this reply Add revenuecollector to your friends list  Get a Link to this Reply

Quote:
We will never go SSL here. It's just NOT necessary and it's COMPLETELY absurd that browsers "warn" you. We're not handling anything important here whatsoever.


I don't want to sound contrarian or argumentative. That's not my intent. This is intended to provide some information/advice:

Not only will browsers be warning users any time a login/password is submitted to a non-SSL website, but Google at some point will be penalizing non-secure sites in their ranking algorithms.

As someone who owns 10+ websites, most of them small hobby sites that generate ZERO revenue, I was more than a little bit scared by this and the potential costs and technical hurdles with converting that many sites to SSL. As it turns out, it was FAR less onerous than expected, and cost me $0 out of pocket to convert all 10+ sites.

I converted all of my websites to SSL 2.5 weeks ago. If you go to revenue-collector.com, you'll see it's now a secure site.

A few notes:

1. You no longer have to purchase an SSL cert. https://LetsEncrypt.org is an open source CA provider and install and autorenewal (via AutoSSL) can be handled through cPanel/WHM. My hosting company installed SSL certs for all my domains in about 10 minutes. This option did not exist as little as a year ago. At that point I would have had to pay an annual fee for an SSL cert for every domain name. So cost should no longer be a barrier.

2. I had to set up .htaccess rules to perform transparent permanent redirects (301) from http:// to https:// for my pages and scripts. That is how image and page links I've posted here and other forums over the years all still work. It doesn't require going back and changing links at the source; the redirects take care of it all. This took a little bit of doing and some trial and error, but again my hosting company did all the heavy lifting. If desired, I can provide some sample .htaccess rules that were implemented on my sites.

3. The only thing I had to do then was check across my scripts for any explicit full URLs I had coded (I try to use relative paths whenever possible to avoid just this scenario), or any Meta HTTP redirects that redirected pages to new locations. The only reason this took as long as it did is that my perl code is ancient, dating back to the late 1990s, and is now a bit of a spaghetti mess. My own fault.

It was a daunting prospect beforehand, but in hindsight I should have done it sooner. It was nowhere near as difficult as expected. Most of my sites were fully functional as secure sites with 5-10 minutes of tweaking, and for my most complicated dynamic site it took a few days to get everything ironed out.

I'm not trying to tell you what to do; this is your ball game. I just wanted to give the perspective of someone who just recently went through the transition and came out relatively unscathed.
Send note to Staff  Go to Top of Page


Edited by revenuecollector - Yesterday 11:41 am
  Previous Topic Topic Next Topic  
 
To participate in the forum you must log in or register.
United States Postal Service, Now on eBay!United States Postal Service, Now on eBay!
New Forum Topics Recently Active Forum Topics
  "Mail Early for Christmas" perfect cancel on Scott #721
  Can someone help with this DOUBLE IMPRESSION 1800s 2 cent US POSTAGE STATIONARY
  German 100 mark error stamp
  Questions on APS Circuit Status schedules..........
  Rochester T&T Type 232?
  Smartphone apps for stamp collecting
  What would you like to see for sale on SCF?
  Double impression, RN style
  Old stamp album with fungi - Anyone have experience using Lindner ERNI a + b?
  1922 5c 10perf roosevelt (557 scott)?
  Please use this for my avatar. Thanks
  Being drawn to the clear (not dark) side....
  Scott 832a mini panes - Different perforations.
  Some miscellaneous I just came accross...
  IMHO, the worst offender
  California Covers - 3 Humboldt Co., 1 Mendocino
  What is your most prized philatelic possession?
  Avatar Request--thank you!
  US $2 Inverted Jenny Stamp Sheet to Remain on Sell
  Full double transfer on R14.
  Latest on the Demise of Turbo Lister
  help identify greece stamp with overprints?
  British East Africa Questions
  Availability of "The Complete Deegam Machin Handbook"
  Help needed with 10c Banknote id

  Canada Empress of Ireland press sheet
  Sattar Khan Rebellion, Azadistan and Gilan Socialist Republic
  "Mail Early for Christmas" perfect cancel on Scott #721
  German 100 mark error stamp
  Can someone help with this DOUBLE IMPRESSION 1800s 2 cent US POSTAGE STATIONARY
  FOOTWARE - Shoes, Sneakers, and Other Foot Coverings!
  Scott 832a mini panes - Different perforations.
  Being drawn to the clear (not dark) side....
  US Scott 443 Washington 1c line single?
  Some miscellaneous I just came accross...
  Questions on APS Circuit Status schedules..........
  The Stamps of Turkey : On Steiner Pages.
  Ways to organize precancel collections?
  Rochester T&T Type 232?
  Germany: Cancellation Premium.
  Find this? Italian
  Double impression, RN style
  Romania 1918
  Smartphone apps for stamp collecting
  Russia: Geometric numerals and background Inverted.
  The Stamps of Australia : On Steiner Pages.
  Cogwheels
  What would you like to see for sale on SCF?
  Automatic Supplements
  Regency Stamp Auctions in St. Louis

Disclaimer: While a tremendous amount of effort goes into ensuring the accuracy of the information contained in this site, Stamp Community assumes no liability for errors. Copyright 2005 - 2017 Stamp Community Family - All rights reserved worldwide. Use of any images or content on this website without prior written permission of Stamp Community or the original lender is strictly prohibited.
Privacy Policy / Terms of Use    Advertise Here
Stamp Community Forum © 2007 - 2014 Stamp Community Forums Go To Top Of Page
It took 0.89 seconds to lick this stamp. Powered By: Snitz Forums 2000 Version 3.4.05