SITE CHANGES: UKC now served from HTTPS

This topic has been archived, and won't accept reply postings.
Hi everyone,

UKC is now being served over HTTPS. If anyone has any problems then please post here or send me an email paul at ukclimbing.com

Thanks, Paul.
 Derry 19 Jan 2017
In reply to Paul Phillips - UKC and UKH:

to a www.moron.com like myself, what difference does it make?
1
In reply to Paul Phillips - UKC and UKH:

It looks awful on my machine using Chrome, no pictures, no icon badges...as if it has only half loaded up the page.
 GarethSL 19 Jan 2017
In reply to Paul Phillips - UKC and UKH:

No chrome problems here.
Removed User 19 Jan 2017
In reply to Bjartur i Sumarhus:

That'll be a cache issue, clear it and try again.
 steveriley 19 Jan 2017
In reply to Paul Phillips - UKC and UKH:

Ooh, there's a coincidence, just upgraded a site for a client yesterday and published a blog post on HTTPS. Looks great Paul.
In reply to Bjartur i Sumarhus:

We've had another report of work proxy blocking our CDN. I'll see what we can do about that.

Cheers, Paul.
 1poundSOCKS 19 Jan 2017
In reply to Paul Phillips - UKC and UKH:

It looks and works fine for me, but when I check the security details in Chrome...

Obsolete Connection Settings
The connection to this site uses an obsolete protocol (TLS 1.0), an obsolete key exchange (RSA), and an obsolete cipher (AES_128_CBC with HMAC-SHA1).

Don't know what it means, but 'obsolete' is bad I suspect!
In reply to Paul Phillips - UKC and UKH:

Looks bad using IE as well. But I am using a work PC so it is probably my end.
 James_Kendal 19 Jan 2017
In reply to Paul Phillips - UKC and UKH:

Well done for this, it's a good move.

This tester can help you to get your server settings fine-tuned for best security.

https://www.ssllabs.com/ssltest/
Clauso 19 Jan 2017
In reply to Paul Phillips - UKC and UKH:

It doesn't look right in Netscape Navigator 1.22.

Any suggestions?
Removed User 19 Jan 2017
In reply to Clauso:

lol
 skog 19 Jan 2017
In reply to Clauso:

It might be worth trying rolling back to 1.11 for now; I'm sure there'll be a patch soon.
In reply to Bjartur i Sumarhus:

Does it look a bit better now? I've switched the CSS and JS to not use the CDN which your work proxy is blocking. The images still won't work.
 James_Kendal 19 Jan 2017
In reply to Paul Phillips - UKC and UKH:
If it's any help because I know these settings are a pain to get right, I score an A+ on the SSL Labs test with these Apache settings, although at the cost of not supporting IE8 on Windows XP, which can't be done without making it less secure for everyone else.

SSLEngine ON
SSLCompression off
SSLProtocol All -SSLv2 -SSLv3
SSLCipherSuite "HIGH:!aNULL:!MD5:!3DES:!CAMELLIA:!AES128"
SSLHonorCipherOrder on

And once you're definitely staying with HTTPS turn on HSTS.
Post edited at 15:55
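
Added example (not part of any post in this thread): a small Python check that breaks a negotiated connection into the same three parts as the Chrome warning quoted earlier (protocol, key exchange, cipher), so a server change such as the Apache settings above can be re-checked from the command line. The classification rules and the names obsolete_settings and check_server are assumptions of this example, not Chrome's own logic.

```python
import socket
import ssl

# Assumed rules for this example, modelled on the three parts of the warning:
# protocol older than TLS 1.2, key exchange without forward secrecy,
# and a cipher that is not an AEAD mode.
OLD_PROTOCOLS = {"SSLv2", "SSLv3", "TLSv1", "TLSv1.1"}
FORWARD_SECRET = ("ECDHE-", "DHE-", "TLS_")  # TLS 1.3 names (TLS_...) always use (EC)DHE
AEAD_MARKERS = ("GCM", "CCM", "CHACHA20")


def obsolete_settings(protocol, cipher_name):
    """Return which of protocol / key exchange / cipher look obsolete.

    protocol    -- string as returned by ssl.SSLSocket.version()
    cipher_name -- OpenSSL cipher name as returned by ssl.SSLSocket.cipher()[0]
    """
    findings = []
    if protocol in OLD_PROTOCOLS:
        findings.append("protocol")
    if not cipher_name.startswith(FORWARD_SECRET):
        findings.append("key exchange")
    if not any(marker in cipher_name for marker in AEAD_MARKERS):
        findings.append("cipher")
    return findings


def check_server(host, port=443, timeout=5.0):
    """Handshake with host and classify what this client negotiated."""
    ctx = ssl.create_default_context()
    with socket.create_connection((host, port), timeout=timeout) as raw:
        with ctx.wrap_socket(raw, server_hostname=host) as tls:
            name = tls.cipher()[0]
            return tls.version(), name, obsolete_settings(tls.version(), name)


if __name__ == "__main__":
    # Constructed samples; the first matches the connection in the warning above.
    samples = [
        ("TLSv1", "AES128-SHA"),
        ("TLSv1.2", "ECDHE-RSA-AES256-SHA384"),
        ("TLSv1.2", "ECDHE-RSA-AES256-GCM-SHA384"),
    ]
    for protocol, cipher in samples:
        print(protocol, cipher, obsolete_settings(protocol, cipher) or "ok")
```

check_server reports what this particular client negotiated, so the result depends on the local OpenSSL build; a current Python may refuse a TLS 1.0-only server with an ssl.SSLError instead of returning a result.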
 lithos 19 Jan 2017
In reply to Clauso:

well you should have never upgraded from Mosaic should you.
owlet error right there
In reply to 1poundSOCKS:

That will be fixed in the next month or so when we move to a new server. It's a limit of the operating system on the current server. It's nothing to worry about though.
In reply to Paul Phillips - UKC and UKH:

Yep that's much better, thx
In reply to James_Kendal:

Thanks for the links. Getting the A+ rating will have to wait for the server move as the current OS doesn't support the newer ciphers. We still host the old non-responsive site for IE8 users so that won't be a problem (try switching to IE8 if you have a User Agent switcher).

Cheers.
In reply to Derry:

I've tried to find a video explaining why HTTPS is better. This is the best I could find but it might be a bit too nerdy for the average web user tbh: youtube.com/watch?v=E_wX40fQwEA&
In reply to Paul Phillips - UKC and UKH:

Nice one, Paul. The sooner the whole web is under HTTPS the better.
 Luke90 19 Jan 2017
In reply to Paul Phillips - UKC and UKH:

Nice one, thanks for making the effort.
 Rog Wilko 19 Jan 2017
In reply to Derry:

No-one has bothered to answer your question, I notice.
3
Kipper 19 Jan 2017
In reply to Rog Wilko:

The new site encrypts the traffic between you and it, the old one didn't.

I don't understand the rendering problems mentioned above - they're not related to switching to https.

In reply to Kipper:

> I don't understand the rendering problems mentioned above - they're not related to switching to https.

Some corporate/work proxies were blocking the new HTTPS CDN we're using for static files. This should hopefully be sorted now.
 FactorXXX 19 Jan 2017
In reply to Paul Phillips - UKC and UKH:

> Some corporate/work proxies were blocking the new HTTPS CDN we're using for static files. This should hopefully be sorted now.

It better had be.
I'm in work at half five and if I can't get my early morning fix of tea and UKC there'll be hell to play!

In reply to Paul Phillips - UKC and UKH:

Thanks for your efforts, Paul. Hope our conversation was helpful, rather than a distraction.
In reply to captain paranoia:

No problem, hopefully the changes I made this evening will work for you and Bjartur tomorrow.

Cheers
 FactorXXX 20 Jan 2017
In reply to FactorXXX:

> It better had be.
> I'm in work at half five and if I can't get my early morning fix of tea and UKC there'll be hell to play!


In work, drinking tea and looking at UKC.
Life is good...
 Rog Wilko 20 Jan 2017
In reply to Kipper:

> The new site encrypts the traffic between you and it, the old one didn't.

Thank you.

In reply to Paul Phillips - UKC and UKH:

Given my little error earlier in the week, I actually wanted to look at an advert that appeared on a page, but I missed. So I thought I'd go to the page of all current adverts and find it.

But I couldn't find such a page... I'm sure there used to be one. I know adverts on UKC are fairly low-key, but I think I ought to be able to find adverts if I actually set out to see them...
In reply to captain paranoia:

The advertising site was completely re-written last year and the page that showed every ad that's currently live in the system didn't make the cut when we were choosing content for the new site. It might make a return at some point.
 eschaton 21 Jan 2017
In reply to Paul Phillips - UKC and UKH:

logged in, some pages show me as logged in at the top right but the buttons underneath comments tell me to log in to reply to a topic.

Also (seems only to apply to front page articles) logged in and clicking through to topics shows me as logged out again.

Don't know if it's relevant but Alex Roddie's latest article about his Cairngorm walk 'Backpacking the Glens' showed up and I really enjoyed reading it so went to leave a comment, and said I was logged out, so I logged in and it threw me out again, then promptly disappeared altogether for a number of days, even going to the copied link said the article didn't exist full stop so I gave up.
 eschaton 21 Jan 2017
In reply to eschaton:

should say that I had this problem both before and after clearing cache/cookies etc.
