Rich Posted January 10, 2018 Author Report Share Posted January 10, 2018 The certificate is to encrypt sensitive data like credit card details but the website doesn't actually need it so I'm not sure why it's there. The website redirect issue could be what Geoff mentioned in the other thread. But then it could be something else. The server we're on is crap so I wouldn't be surprised if it's related. When/if it got hacked in to last time they didn't change the FTP password which is bad practice. I'm still not actually sure what happened then, all they said was the malicious script had been removed. Quote Link to comment Share on other sites More sharing options...
Geoffers Posted January 10, 2018 Report Share Posted January 10, 2018 Thanks everyone for looking at this issue and i can assure everyone soon we will have total control over wim web/ forum. At the moment i want to tell IT what they are doing wrong or what they arn't doing? so some questions... 1: What is the certificate for. 2: Has this anything to do with Zen 3: Has the web been hacked again and if so how are they getting in since the web site is static. 1. A certificate gives you encrypted information between you and the server you are talking to. When I connect to your server, there is a bit of a handshake going on and we swap information. Not all of this comes directly from your server, some of it comes from a certificate authority such as geotrust, digicert, etc. who you bought your certificate from and other bits from domain name servers verifying you are the correct servers I'm talking to. Once my browser is happy you've responded with your public key and the certificate matches, data will flow but is encrypted between the two so if you were watching it (say on a public wireless in MacDonalds for instance) you wouldn't see this writing as I send it to the site, you'd just see what appears as gobledygook and is decrypted both ends as they talk. Banking systems use the same method. You know that transmitting the data between each other is encrypted. This is what the HTTPS is. This may not seem important but what if, say I sent a PM with some personal info in or posted some wording to the adult forum? I'd be glad people can't capture that. You'd be surprise how much data capturing is going on. Not just local wireless level but every router in between you and the receiver. All this means is that I'm definitely talking to your server and the data between us is encrypted. It doesn't mean other things aren't going on. It is simply verification and to prevent "man in the middle" attacks or seeing your data. 2. It's impossible to say as I don't know the level of control you have or if there are any reverse proxies, etc. in between you and the system. Do you have access directly with Apache or is it all through your panel? 3. Again impossible without seeing internally but alarms tend to ring on the providers side as there are lots of patterns indicating if you have. It could simply be an external embedded piece of code or reverse proxy issue as above for instance (the biggest is getting confused with setting up https redirect when it does it itself so an endless loop type thing). Lots of things could be the issue, not just being hacked. As for the site being static, it's irrelevant really. The only safe machine is one buried in 50ft of concrete with no wires or power attached and even then it's questionable! :-) 2 Quote Link to comment Share on other sites More sharing options...
Tony Posted January 11, 2018 Report Share Posted January 11, 2018 To further destroy the forum i notice all of my past youtube vids have gone? Quote Link to comment Share on other sites More sharing options...
Rich Posted January 12, 2018 Author Report Share Posted January 12, 2018 Great explanation Geoff To further destroy the forum i notice all of my past youtube vids have gone? That's just a knock on effect from these other issues. Once they're sorted they should show again. Quote Link to comment Share on other sites More sharing options...
Tony Posted January 12, 2018 Report Share Posted January 12, 2018 I spoke with Gav today and he has passed the information here to the IT guys.... Personally i think I'm going to pull out of their pathetic umbrella. Quote Link to comment Share on other sites More sharing options...
TheBoy Posted January 12, 2018 Report Share Posted January 12, 2018 Guess redirect is http to https, down normally in .htaccess or httpd.conf (or apache2.conf if using Debian or s***ty Ubuntu) Quote Link to comment Share on other sites More sharing options...
TheBoy Posted January 12, 2018 Report Share Posted January 12, 2018 My own (rather bitter) experience of running forums on shared hosts isn't great - our own site www.omegaowners.com only lasted less than 3 weeks before our hosting company disconnected us when we launched in 2006. Thats how it ended up on a dedicated server, and has always stayed that way... ...and has remained very reliable considering we run it on a shoestring. Quote Link to comment Share on other sites More sharing options...
TheBoy Posted January 12, 2018 Report Share Posted January 12, 2018 BTW, neither Edge (for Windows) or IE is working. Edge wont even allow me to log on, and IE won't allow posting, I think due to the flicking between http and https all the time. Quote Link to comment Share on other sites More sharing options...
Tony Posted January 12, 2018 Report Share Posted January 12, 2018 Doesn't sound good ....Rich is about to move the forum away from Zen who are utter crap... I've never had any issues web or forum until IT at BlackBoots took control.... Personally i think they should stick to selling ice creams. Quote Link to comment Share on other sites More sharing options...
TheBoy Posted January 12, 2018 Report Share Posted January 12, 2018 Doesn't sound good ....Rich is about to move the forum away from Zen who are utter crap... I've never had any issues web or forum until IT at BlackBoots took control.... Personally i think they should stick to selling ice creams. Is that outsourced, or do they have in-house peeps? (assuming you can say on a public forum) Quote Link to comment Share on other sites More sharing options...
Tony Posted January 12, 2018 Report Share Posted January 12, 2018 IT is outsourced by a company called WebFX. Quote Link to comment Share on other sites More sharing options...
TheBoy Posted January 12, 2018 Report Share Posted January 12, 2018 I worked for a large company and got TUPEd out to an outsourcer for 10yrs, before getting TUPEd back into the original company. In my experience, IT outsourcing never works effectively (or cheaply). I'm surprised, given what I've seen of Blackboots and WIM's web presence, and the likely IT resources you're likely to have at HQ, you can't do this in-house by occasionally taking a little bit of time from one of the more IT literate staffers there Obviously, there might be an awful lot more that I can't see. I certainly run bro's business IT, including all PoS stuff (which I wrote) for his 2 shops, and all the backend servers (including web presence) and email on his own on-site servers. And obviously run the Omega forum on my dedicate, on site servers. And obviously hold down a full time, pretty intense, IT job. Quote Link to comment Share on other sites More sharing options...
Tony Posted January 12, 2018 Report Share Posted January 12, 2018 BB use the IT for phones/ net and net related campaigns. My mistake was allowing wim to "tag along" and fall under their wing. To date Rich and I are taking back the control and undoing their ..... It wasn't far back they allowed to forum to stay down for a month? 1 Quote Link to comment Share on other sites More sharing options...
TheBoy Posted January 13, 2018 Report Share Posted January 13, 2018 It wasn't far back they allowed to forum to stay down for a month? That is disgraceful. Servers are generally reliable, modern server OS's are generally reliable, and modern forum software (assuming usual maintenence is done) is generally reliable. And assuming you have good backups of the database and the web directory (for themes, attachments and so on, even if the server(s) caught fire, any hosting firm could bring up a new server for you within an hour or so, and allow another 2-4hrs to restore data. I can't imagine your forum setup is in any way unusual. It p**ses me off, as it gives us reprobates who work in IT a bad, lazy, incompitent name, Rant over. I'll go and kick the cat or something to calm down. Quote Link to comment Share on other sites More sharing options...
Tony Posted January 13, 2018 Report Share Posted January 13, 2018 Kick the cat anyway ...... I'm at the pinnacle to get all of wim's control back... The IT BB use is utter crap in my opinion who seem to treat wim as a low income scratch they would rather not itch unless we make a noise..... Crap Quote Link to comment Share on other sites More sharing options...
NickT Posted January 13, 2018 Report Share Posted January 13, 2018 It wasn't far back they allowed to forum to stay down for a month? That is disgraceful. Servers are generally reliable, modern server OS's are generally reliable, and modern forum software (assuming usual maintenence is done) is generally reliable. And assuming you have good backups of the database and the web directory (for themes, attachments and so on, even if the server(s) caught fire, any hosting firm could bring up a new server for you within an hour or so, and allow another 2-4hrs to restore data. I can't imagine your forum setup is in any way unusual. It p**ses me off, as it gives us reprobates who work in IT a bad, lazy, incompitent name, Rant over. I'll go and kick the cat or something to calm down. IncompEtent I hope the cat escaped....! Yes, I.T. can be a thankless task, but so necessary in today's modern lives. Quote Link to comment Share on other sites More sharing options...
Tony Posted January 13, 2018 Report Share Posted January 13, 2018 Hardly thankless judging by the monthly bill... My issue with then is since they do NOTHING for wim other than f**k it up why the hell am i under their pathetic wing?? Quote Link to comment Share on other sites More sharing options...
Tony Posted January 13, 2018 Report Share Posted January 13, 2018 How can I for now post YouTube vids? Quote Link to comment Share on other sites More sharing options...
SMARTLY Posted January 13, 2018 Report Share Posted January 13, 2018 Just as a link Quote Link to comment Share on other sites More sharing options...
Tony Posted January 13, 2018 Report Share Posted January 13, 2018 How I copy/ past the address bar but when pasted here it's blank when posted? Quote Link to comment Share on other sites More sharing options...
SMARTLY Posted January 13, 2018 Report Share Posted January 13, 2018 Here you go: cut & paste address from address bar from youtube click on link above, it's on the second row to the right of the 123 bullet then paste in the address to the URL, click OK then save https://www.youtube.com/watch?v=-vgNh3fLxJc Quote Link to comment Share on other sites More sharing options...
Tony Posted January 14, 2018 Report Share Posted January 14, 2018 Got it......... Thanks Quote Link to comment Share on other sites More sharing options...
SMARTLY Posted January 19, 2018 Report Share Posted January 19, 2018 Tried to look at My Conversations and got this error: Fatal error: Out of memory (allocated 47185920) (tried to allocate 88 bytes) in /data01/c4253105/public_html/forum/admin/sources/base/ipsMember.php on line 2799 Quote Link to comment Share on other sites More sharing options...
Tony Posted January 19, 2018 Report Share Posted January 19, 2018 Blimey that's a new one on me?.... Once wim-web is sorted we are out of here and away from Zen Quote Link to comment Share on other sites More sharing options...
Rich Posted January 19, 2018 Author Report Share Posted January 19, 2018 I've not seen that before. I think we should move it soon regardless of what's happening with the website. We've had nothing but problems with Zen and it's only getting worse. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.