First post, by Qbix
- Rank
- DOSBox Author
It is still in testing, but https://www.vogons.org is available.
Please let me know if you encounter a problem.
Water flows down the stream
How to ask questions the smart way!
It is still in testing, but https://www.vogons.org is available.
Please let me know if you encounter a problem.
Water flows down the stream
How to ask questions the smart way!
wrote:It is still in testing, but https://www.vogons.org is available.
Please let me know if you encounter a problem.
Let's Encrypt?
edit: Yup. Nice. I've got a few websites I'm going to use this on when their certs expire later this year.
The more I learn, the more I realize how much I don't know.
OPL3 FM vs. Roland MT-32 vs. General MIDI DOS Game Comparison
Let's benchmark our systems with cache disabled
DOS PCI Graphics Card Benchmarks
https://www.ssllabs.com/ssltest/analyze.html? … &hideResults=on
purrfectly done, only my bank does better(sometimes), congratulations 😀
Thank you for keeping this site on an old, fast engine and SSL-free (optional). It is one of very few remaining that open on old PCs and browsers.
wrote:It is still in testing, but https://www.vogons.org is available.
Please let me know if you encounter a problem.
Thanks Qbix!!
So it seems Firefox is complaining the "Connection is not secure" on many pages. Seems to be caused by non-HTTPS connections being used for images in peoples footers.
just noticed as well, entering this thread causes to drop secure connection with opera
Yeah it is caused by lightmasters signature.
I think he would need to change the url to start with
//
so remove the
http:
part.
Water flows down the stream
How to ask questions the smart way!
Thanks for this.
For some added security you may want to add the following header:
X-Frame-Options: SAMEORIGIN
This will prevent any embedded, IFRAMES running.
You could also look into Content-Security-Policy header, but that one is a bit more complicated, esp since I see this site uses embedded javascript instead of linking to it in a .js file.
wrote:Yeah it is caused by lightmasters signature. I think he would need to change the url to start with […]
Yeah it is caused by lightmasters signature.
I think he would need to change the url to start with
//
so remove the
http:
part.
Can something be added to auto apply such to peoples existing signatures. Expecting people to update them is likely problematic.
wrote:Yeah it is caused by lightmasters signature. I think he would need to change the url to start with […]
Yeah it is caused by lightmasters signature.
I think he would need to change the url to start with
//
so remove the
http:
part.
Did try and didn't work, i'm sure i'ts my problem, pm me please.
It seems it doesn't work for the img tag 🙁
I have set your signature to https now, which works fine, but Ideally I'd like to get the other solution working as well. Although we can't do it for everything. The img hoster needs to support it as well. A perfect solution doesn't exist.
So the best I can offer is this:
If you use an image in your signature and the host of the image supports https, please change the link to use the https instead of http.
Water flows down the stream
How to ask questions the smart way!
Thanks again Qbix!!
Sounds cool, but I can't use the HTTPS version of the site from Firefox 2.0 on Windows 98 FE. I get an error code. The regular version works perfectly fine, though this is the first time I'm trying it out.
Error establishing an encrypted connection to http://www.vogons.org. Error Code: -8092.
Mozilla/5.0 (Windows; U; Win98; en-US; rv:1.8.1.20) Gecko/20081217 Firefox/2.0.0.20
Um, I didn't think Firefox 2.0 supported HTTPS, is that correct?
World's foremost 486 enjoyer.
It did, but only older style encryption. Modern websites use TLS 1.1 and above. Anything else is considered insecure. Even 1.1 is being phased out I believe.
Thanks Mr. Qbix.
W10: Phenom II X6 1090T@3.2GHz/6GB DDR3 1333/Radeon HD 6450 1GB DDR3
XP: *building* Athlon X2 6000/2GB DDR2 800/Geforce 7950GT 512MB
DOS/W98SE: PIII 550MHz/256MB PC100/Geforce FX 5200 128MB
Consider running with HSTS and pinning. Older browsers that don't understand will happily use the insecure site, while newer browsers that support it can enforce the TLS version.
2xP2 450, 512 MB SDR, GeForce DDR, Asus P2B-D, Windows 2000
P3 866, 512 MB RDRAM, Radeon X1650, Dell Dimension XPS B866, Windows 7
M2 @ 250 MHz, 64 MB SDE, SiS5598, Compaq Presario 2286, Windows 98
I just noticed https is now working by default. Has it been that way for awhile and I'm just now noticing?
The more I learn, the more I realize how much I don't know.
OPL3 FM vs. Roland MT-32 vs. General MIDI DOS Game Comparison
Let's benchmark our systems with cache disabled
DOS PCI Graphics Card Benchmarks
I thought back in December https was on by default, but...
Every time I go to "vogons.org" and login, it defaults to the http page unless I manually type the https part. On my trusted PCs, it's not an issue, as lastpass logs me into the secure page. But I do access this site from public PCs on occasion.
The more I learn, the more I realize how much I don't know.
OPL3 FM vs. Roland MT-32 vs. General MIDI DOS Game Comparison
Let's benchmark our systems with cache disabled
DOS PCI Graphics Card Benchmarks