When visiting https://www.macrumors.com, Safari says the certificate is invalid.
Just a heads-up to the admins.
Just a heads-up to the admins.
Exactly. *Maybe* the login box should use it. Maybe. Anything else, who cares.
Rare as it may be, even with a static site you're leaving yourself open to man-in-the-middle attacks.Thank you! You have NO IDEA how many people go to one of my sites and email us saying " no ssl, i refuse to use your website ", and i'm talking static sites here! Ugh, I hate how uneducated the internet users are becoming with tech that doesn't involve a watch, a phone, or a tablet
haha!
Rare as it may be, even with a static site you're leaving yourself open to man-in-the-middle attacks.
But for MacRumors, we're not exactly talking about static sites, are we?
You, maybe. That person stupid enough to use the same password for MacRumors and a banking account, not so much.MacRumors isn't static, but their is -nothing- here that would even apply to that. it's an open forum, where communication is shared openly. If it's altered, we'd know. Instant messages ( maybe ), but even then not happening, knowing the person sending, timing, etc. Those types of attacks are dated, and really don't even apply.
So as the last guy said, maybe on the login system, but no offense, i think i'd survive if someone managed to grab my username and password from mac rumors. Even then, it's a stretch, a big one.
To the best of my knowledge, MacRumors doesn't use SSL on the site, so you shouldn't use https in the address bar. @arn can verify this of course.When visiting https://www.macrumors.com, Safari says the certificate is invalid.
Just a heads-up to the admins.
Thank you! You have NO IDEA how many people go to one of my sites and email us saying " no ssl, i refuse to use your website ", and i'm talking static sites here! Ugh, I hate how uneducated the internet users are becoming with tech that doesn't involve a watch, a phone, or a tablet
haha!
Probably doing work.. something like that rarely gets over looked. Not that it matters, their is absolutely no reason to need SSL on a site like this, I think people assume they need it, and sites like this, and everyone else hops on board, wasting money, and configuring the crap because the public doens't really know what it does.
Perhaps you missed or misunderstood the actual discussion and its findings in this thread?Pretty pathetic for a site with millions visitors per month to not have a valid SSL certificate.
Globalsign said:sqlite3 ~/Library/Keychains/*/ocspcache.sqlite3 'DELETE FROM ocsp;'