yeah i thought it might be that but i am lazy
[editline]6th November 2010[/editline]
aw it is, look what you did i miss that guy
[QUOTE=rampageturke;25889835]Ratings on every post showing up, not just when you hover over them.[/QUOTE]
Exactly
[editline]6th November 2010[/editline]
It was fine a few hours before I made that post.
anyone else notice user sensitive data, such as login info going plain text to the server? please redirect login traffic to port 443
[URL]https://www.facepunch.com/login.php?[/URL]
plz fix
[QUOTE=JohnEdwards;25908517]anyone else notice user sensitive data, such as login info going plain text to the server? please redirect login traffic to port 443
[URL]https://www.facepunch.com/login.php?[/URL]
plz fix[/QUOTE]
Password is MD5'd beforehand on supported browsers. I'm not going to go through the hoops of setting up HTTPS so you guys can log in securely. Maybe mods, but not you guys.
[QUOTE=compwhizii;25909195]Password is MD5'd beforehand on supported browsers. I'm not going to go through the hoops of setting up HTTPS so you guys can log in securely. Maybe mods, but not you guys.[/QUOTE]
When they are sending to port 443 they are, otherwise it is just plain text.
[URL]http://www.verisign.com/ssl/ssl-information-center/how-ssl-security-works/[/URL]
[URL]http://www.garshol.priv.no/download/text/http-tut.html[/URL]
maybe you should read up on http vs https
[URL]http://www.biztechmagazine.com/article.asp?item_id=277[/URL]
http just sends it out, it doesn't encrypt
If the clients PC encrypts Dog to wqs435adagf and sends it that way, how do you propose that the server decrypts that without a key? unless the password on the server is stored as an MD5 hash which makes it pointless to md5 it, because I can still see it in a sniffer as p a s s w o r d wqs435adagf, because the data is not encrypted, it is just hash of the word dog, or if the server is just storing the md5 as the 'password'
please read up on it, or if you don't believe me use wireshark an log in
[QUOTE=ManningQB18;25884979]There is absolutely nothing wrong...?[/QUOTE]
BEEEEEP! I'm sorry, the correct answer was "Visual basic".
[QUOTE=JohnEdwards;25909739]When they are sending to port 443 they are, otherwise it is just plain text.
[URL]http://www.verisign.com/ssl/ssl-information-center/how-ssl-security-works/[/URL]
[URL]http://www.garshol.priv.no/download/text/http-tut.html[/URL]
maybe you should read up on http vs https
[URL]http://www.biztechmagazine.com/article.asp?item_id=277[/URL]
http just sends it out, it doesn't encrypt
If the clients PC encrypts Dog to wqs435adagf and sends it that way, how do you propose that the server decrypts that without a key? unless the password on the server is stored as an MD5 hash which makes it pointless to md5 it, because I can still see it in a sniffer as p a s s w o r d wqs435adagf, because the data is not encrypted, it is just hash of the word dog, or if the server is just storing the md5 as the 'password'
please read up on it, or if you don't believe me use wireshark an log in[/QUOTE]
So, don't use your super-secret password for Facepunch.
It's a forum, not a bank.
why cant i see anyones avatar?
[img]http://img209.imageshack.us/img209/2870/31152580.png[/img]
im on google chrome
[editline]7th November 2010[/editline]
windows 7 home premium
[QUOTE=lilcheeselad;25913910]why cant i see anyones avatar?
[img_thumb]http://img209.imageshack.us/img209/2870/31152580.png[/img_thumb]
im on google chrome
[editline]7th November 2010[/editline]
windows 7 home premium[/QUOTE]
go to your control panel then go to general settings then look for the thread display option section the check "show avatars"
[QUOTE=MrOwn1;25913982]go to your control panel then go to general settings then look for the thread display option section the check "show avatars"[/QUOTE]
guess i accidently turned it off
thanks
[QUOTE=lilcheeselad;25914022]guess i accidently turned it off
thanks[/QUOTE]
no problem
Daily thread reply notification emails have broken links.
The anchors are correct but the links always direct to the first page, making finding the posts a pain in the ass.
[QUOTE=JohnEdwards;25909739]When they are sending to port 443 they are, otherwise it is just plain text.
[URL]http://www.verisign.com/ssl/ssl-information-center/how-ssl-security-works/[/URL]
[URL]http://www.garshol.priv.no/download/text/http-tut.html[/URL]
maybe you should read up on http vs https
[URL]http://www.biztechmagazine.com/article.asp?item_id=277[/URL]
http just sends it out, it doesn't encrypt
If the clients PC encrypts Dog to wqs435adagf and sends it that way, how do you propose that the server decrypts that without a key? unless the password on the server is stored as an MD5 hash which makes it pointless to md5 it, because I can still see it in a sniffer as p a s s w o r d wqs435adagf, because the data is not encrypted, it is just hash of the word dog, or if the server is just storing the md5 as the 'password'
please read up on it, or if you don't believe me use wireshark an log in[/QUOTE]
I know how HTTPS works.
compwhizii, could you do something about that problem of mine?
[QUOTE=esalaka;25915641]compwhizii, could you do something about that problem of mine?[/QUOTE]
I can look into it but it sounds like a vBulletin bug.
[QUOTE=tarnation;25873580][img_thumb]http://i55.tinypic.com/1zgdhep.jpg[/img_thumb]
can't see the ratings users got. using IE (school computer) and windows xp
not a big deal, but thought I'd share incase anyone else had the same issue
I think it's IE 7[/QUOTE]
i have the same problem D: damn school.
[QUOTE=compwhizii;25915515]I know how HTTPS works.[/QUOTE]
Then set it up, it really is not that hard.
atleast tell me the server is on a DMZ or its own line
The server which stores the avatars is shit comp.
Everyone's avatars are slowly disappearing.
[QUOTE=Smasher 006;25939358]Everyone's avatars are slowly disappearing.[/QUOTE]
Slowly?
Haven't seen an avatar at all, except now mine.
[editline]fuck[/editline]
There goes my avatar.
[QUOTE=Smasher 006;25939358]Everyone's avatars are slowly disappearing.[/QUOTE]
This. I can't see any avatars any more apart from my own.
You can see any avatars that are in your cache, clear your cache, and you won't see any avatars.
And I thought my internet sucked.
[QUOTE=Ezhik;25939617]And I thought my internet sucked.[/QUOTE]
Strangely enough, your avatar appears when you try to change it.
[img]http://i.imgur.com/jemh0.png[/img]
[QUOTE=Smasher 006;25940047]Strangely enough, your avatar appears when you try to change it.
[img_thumb]http://i.imgur.com/jemh0.png[/img_thumb][/QUOTE]
That's because its linking to [url]http://www.facepunch.com/image.php?u=44687&dateline=1287370545[/url] not [url]http://75.101.147.23/image.php?u=44687&dateline=1287370545[/url] which is the dead server.
But... now I have no idea who people are...
I need avatars!
The fuck is happing?
Where are you compwhizii?
Hey, I think they're back!
I'm really sorry about the avatars, I thought I fixed it this morning before I left for the day but it looks like the instance was rebooted after I left or varnish never started. Hexxeh will be getting server access so he can fix these problems if I am not around.
Sorry, you need to Log In to post a reply to this thread.
