Jump to content

  •  

SSL Secure


  • This topic is locked This topic is locked
15 replies to this topic

#1 ScottieKnowz

ScottieKnowz

    Newbie

  • Member
  • Pip
  • 7 posts

Posted 28 February 2018 - 06:14 AM

Hey there, I am new to the site but noticed something right out the gate.

Your site is NOT SSL secure, was wondering if there was a certain reason for that as I'm sure the amount of downloading/credentials on this site are quite high.

It's no big deal really, but things like Certbox exists to make these tasks easy for SSL securing a website.

#2 _.:illus!on:._

_.:illus!on:._

    Community Manager

  • Community Manager
  • 2,720 posts

Donator

Posted 07 March 2018 - 05:23 AM

For what we need SSL?
SSL protects you from hacking or logging in serverlocations, it does not protect you from keyloggers on your pc or the server itself.
Now tell me how many people got hacked from serverlocations or how many accounts are stolen in serverlocations?

if it is really unsecure to have no SSL i'm sure the site will be hacked every day but it isn't ;)

btw. SSL is not really secure, that is only what the people should think, so many motherfuckers can make money with the SSL certificate

Posted Image


#3 kaljukass

kaljukass

    Invision-Virus Nerd

  • Member
  • PipPipPipPipPip
  • 377 posts

Posted 07 March 2018 - 03:18 PM

On this point I agree 100%, SSL is new money making machine for some companies, the SSL certificate don't protect anyone and in any way.

#4 Shto

Shto

    Newbie

  • Member
  • Pip
  • 7 posts
  • LocationRomania

Posted 12 March 2018 - 06:50 AM

View Postkaljukass, on 07 March 2018 - 03:18 PM, said:

On this point I agree 100%, SSL is new money making machine for some companies, the SSL certificate don't protect anyone and in any way.

That s correct. :)

#5 jayZ

jayZ

    Newbie

  • Member
  • Pip
  • 6 posts

Posted 23 March 2018 - 11:32 PM

Can somebody explain what SSL really does? I do have it on my forums but im not sure if it really helps in some way or not. Is it really neccessary?

#6 Aeternum

Aeternum

    Member

  • Banned
  • PipPip
  • 12 posts

Donator

Posted 24 March 2018 - 04:50 AM

SSL is extremely important, but not necessary on a website such as invision virus. The purpose of SSL is to encrypt data sent from a browser to a companies server, ensuring their online transactions remain confidential. Many countries require it by law if personal information such as address, numbers, payment information, and even just a last name, is communicated to the server. Also, SSL is free via cloudflare.
As for how SSL works, we start as an end user:
  • An end-user asks their browser to make a secure connection to a website (e.g.https://www.example.com)
  • The browser obtains the IP address of the site from a DNS server then requests a secure connection to the website.
  • To initiate this secure connection, the browser requests that the server identifies itself by sending a copy of its SSL certificate to the browser.
  • The browser checks the certificate to ensure:
    That it is signed by a trusted CA
    That it is valid - that it has not expired or been revoked
    That it confirms to required security standards on key lengths and other items.
    That the domain listed on the certificate matches the domain that was requested by the user.
  • When the browser confirms that the website can be trusted, it creates a symmetric session key which it encrypts with the public key in the website's certificate. The session key is then sent to the web server.
  • The web server uses its private key to decrypt the symmetric session key.
  • The server sends back an acknowledgment that is encrypted with the session key.
  • From now on, all data transmitted between the server and the browser is encrypted and secure.
If you plan on processing or obtaining any information that is deemed as confidential client information by the laws in your country you should have SSL on your site.

#7 ernesto2

ernesto2

    Member

  • Donator
  • PipPip
  • 11 posts

Donator

Posted 02 April 2018 - 03:35 AM

i have dude how to make ssl in forum in all http:// need add https:// no?

#8 _.:illus!on:._

_.:illus!on:._

    Community Manager

  • Community Manager
  • 2,720 posts

Donator

Posted 02 April 2018 - 09:09 AM

But all existing encryption methods can be unencrypted ;) I mean ya ssl is good for banking shit and so on but it is never a real protection, in my opinion we can say it is an additional protection.

A little example to show you how senseless ssl is: If you are in an open wifi network all hackers can see what you are typing if the website is with ssl or not. I know the hacker don't need to unencrypt the ssl data, he can use another method but you think you have a secure connection but in real you have nothing.

Posted Image


#9 RizRari

RizRari

    Newbie

  • Member
  • Pip
  • 7 posts
  • LocationRomania

Posted 23 April 2018 - 12:13 PM

View Post_.:illus!on:._, on 02 April 2018 - 09:09 AM, said:

But all existing encryption methods can be unencrypted ;) I mean ya ssl is good for banking shit and so on but it is never a real protection, in my opinion we can say it is an additional protection.

A little example to show you how senseless ssl is: If you are in an open wifi network all hackers can see what you are typing if the website is with ssl or not. I know the hacker don't need to unencrypt the ssl data, he can use another method but you think you have a secure connection but in real you have nothing.
It's really money that you invest in some motes that do not help us, but it does not add any more to the site.

#10 flashxml

flashxml

    Member

  • Donator
  • PipPip
  • 15 posts

Donator

Posted 26 April 2018 - 02:44 AM

SSL it adds some trust to people who register to your website. When they need to insert personal data, personal data, email, phone etc. Yes, it's harder to get down a https from http. And brute force is easier on http ... tested in the past by me :)

#11 Smirnoff.Wizard

Smirnoff.Wizard

    Newbie

  • Member
  • Pip
  • 6 posts

Posted 28 June 2018 - 08:35 AM

letsencrypt.org provides easy SSL certificates for free. It was my first time ever configuring a server with SSL and it was a total breeze.

Between the browser makers and the anti-virus companies that warn you browsing a non-secured site and steer you toward $75-$150 options it IS a total scam on that side of it.

Please anyone who only relies on SSL and assumes they are 100% safe while using a shared Internet connection like at a coffee shop, etc., is in for a rude surprise.

That being said with a free SSL certificate and browser makers in complicit with the certificate industry scam and browsers about to start being more and more anal about unsecured connection I would recommend going ahead and getting a free SSL.

I had it up and working in 15 minutes for free and now people can't complain about their browser yelling at them using my site. And if you do rely on public internet connections and don't always want to do a VPN then SSL is certainly the responsible and reasonable thing to set up your site with. When its that free and that easy theres actually no excuse not to.

#12 kaljukass

kaljukass

    Invision-Virus Nerd

  • Member
  • PipPipPipPipPip
  • 377 posts

Posted 29 June 2018 - 04:01 AM

Do not panic, it's really simple and works great. The same is also the so-called free SSL, which is actually exactly the same, what the so-called paid URL encryption certificate and they both come exactly from the same place as the one for which you pay. In general, COMODO certificates are used as so called "free certificates".
PS I have been using them for a long time and there are no problems with any browser. At least not so long I have used.
It's true that many servers try to prevent using SSL, if you do not pay them money for using SSL. Just - do not use such servers, and that's all. They are scammers, extortionists. Many servers even prevent using SSL, if You have bought it from certificate owner, but not thru them, ie thru the server owners.
Whatever they are, but their only purpose is money.

#13 darki

darki

    Newbie

  • Member
  • Pip
  • 6 posts

Posted 02 July 2018 - 03:20 PM

I agree SSL is important. Even if it is not a miracle protection It provides a useful layer of protection and protect against some attacks. I'm not comfortable to have my password send in clear when i'm connected to an untrusted Wifi network for example. Let's encrypt is free and allows to set an SSL certificate in few minutes, you should take a look!

#14 REVOLVE

REVOLVE

    Newbie

  • Member
  • Pip
  • 6 posts

Posted 02 July 2018 - 08:55 PM

SSL would provide a lot of credibility. There are a lot of end-users for which an "Unsecure" label (as Chrome displays) can mean a lot. And there are free SSL solutions that make it easy to add SSL to the site, so why not?

#15 kaljukass

kaljukass

    Invision-Virus Nerd

  • Member
  • PipPipPipPipPip
  • 377 posts

Posted 03 July 2018 - 09:24 AM

View PostREVOLVE, on 02 July 2018 - 08:55 PM, said:

SSL would provide a lot of credibility. There are a lot of end-users for which an "Unsecure" label (as Chrome displays) can mean a lot. And there are free SSL solutions that make it easy to add SSL to the site, so why not?
It's true, why not. But also this is true, that these don't encrypt anything more than only main domain. Everything else is as it was. But if somebody speaks about passwords, they have been encrypted for a very long time already, but usually is used typical Base64, rarely AES 256. So if there is only Base64 encryption, then it is for most people the same as the plain text.

#16 Mercedes-Benz

Mercedes-Benz

    Account and Staff Recruit Administrator

  • Account Administrator
  • 679 posts
  • Locationinvision-virus

Posted 15 July 2018 - 02:58 AM

Hello,

At this moment in time, Invision virus does not have any plans in having SSL has Illusion has said above however it may happen or may not in the near future but I am closing this thread as your question has been answered by now and we will think about it in the near future

Thanks
IV Staff
NEED A PRIVATE WEB HOST? OFFSHORE AND ALWAYS ONLINE? JUST FOR $3.20 A MONTH PRIVATE MESSAGE ME TODAY! DMCA IGNORED/FREE SSL/ LATEST PHP AND LATEST HARDWARE/ FREE CPANNEL

Posted Image





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users