01-25-2020, 12:41 PM
Hazeron.com, Hazeron.net and ShoresOfHazeron.com are all functioning in the same way, such that Apache is being told to treat them all as individual domains with the same root directory on the host machine. Then there is ShoresOfHazeron.net, which just gives a 404 page. Having these domains acting independently of each other causes issues. From a brief examination, any forms on the website direct you back to hazeron.com. Most links are relative, but there's a few absolute paths with hazeron.com. Instead of this mess of domain names that operate independently, it would be highly advisable to setup permanent redirects to hazeron.com, which seems safe to say is the preferred domain of Haxus. After that's taken care of, it takes but a couple more minutes to enable HTTPS and get a SSL certificate.
It isn't difficult, it just hasn't been on Haxus's radar. However, if he continues operating his services insecurely, it's just a matter of time before some nefarious individual gains access to something they shouldn't and steals something, whether it be money or data. In fact whose to say this hasn't happened already? Things have been this way for years and years. Would Haxus even disclose this sort of incident if it were to happen?
I'm going on a tangent here, but I want to reiterate that my chief concern here is the security of mine and everyone else's information, and the continued operation of this game. Keeping software up to date and using industry best practices for encryption and transmission of data is not too much to ask, especially when money is involved.
It isn't difficult, it just hasn't been on Haxus's radar. However, if he continues operating his services insecurely, it's just a matter of time before some nefarious individual gains access to something they shouldn't and steals something, whether it be money or data. In fact whose to say this hasn't happened already? Things have been this way for years and years. Would Haxus even disclose this sort of incident if it were to happen?
I'm going on a tangent here, but I want to reiterate that my chief concern here is the security of mine and everyone else's information, and the continued operation of this game. Keeping software up to date and using industry best practices for encryption and transmission of data is not too much to ask, especially when money is involved.