Not a member yet? Why not Sign up today
Create an account  
Hazeron Forums Shores of Hazeron Bug Reports Prerelease Bug Reports v [Website] SSL and Security Improvements

Thread Rating:
  • 2 Vote(s) - 5 Average
  • 1
  • 2
  • 3
  • 4
  • 5
[Website] SSL and Security Improvements

AnrDaemon Offline
Senior Member
****
Posts: 402
Threads: 13
Joined: Jun 2018
Reputation: 12
#11
01-19-2020, 04:26 PM
(01-12-2020, 11:12 PM)Seathre Wrote: He really should pick one and have the rest permanent redirect to the primary domain.
Not really, if these domains are used for different purposes.
Find
Reply

Seathre Offline
Space Switzerland
**
Posts: 46
Threads: 5
Joined: Jun 2018
Reputation: 1
#12
01-20-2020, 03:18 AM (This post was last modified: 01-22-2020, 05:38 AM by Seathre. Edit Reason: This forum can't even do Emojis right. :sob: )
(01-19-2020, 04:26 PM)AnrDaemon Wrote:
(01-12-2020, 11:12 PM)Seathre Wrote: He really should pick one and have the rest permanent redirect to the primary domain.
Not really, if these domains are used for different purposes.
Are you implying that they are in fact used for different purposes? And would those purposes make for SSL implementation to be unfitting, or even a hindrance??
Find
Reply

AnrDaemon Offline
Senior Member
****
Posts: 402
Threads: 13
Joined: Jun 2018
Reputation: 12
#13
01-25-2020, 12:07 PM (This post was last modified: 01-25-2020, 12:15 PM by AnrDaemon.)
(01-20-2020, 03:18 AM)Seathre Wrote: Are you implying that they are in fact used for different purposes?
hazeron.com and softwareengineering.com ? Indeed.

Quote:And would those purposes make for SSL implementation to be unfitting, or even a hindrance??
wat
Find
Reply

Seathre Offline
Space Switzerland
**
Posts: 46
Threads: 5
Joined: Jun 2018
Reputation: 1
#14
01-25-2020, 12:41 PM
Hazeron.com, Hazeron.net and ShoresOfHazeron.com are all functioning in the same way, such that Apache is being told to treat them all as individual domains with the same root directory on the host machine. Then there is ShoresOfHazeron.net, which just gives a 404 page. Having these domains acting independently of each other causes issues. From a brief examination, any forms on the website direct you back to hazeron.com. Most links are relative, but there's a few absolute paths with hazeron.com. Instead of this mess of domain names that operate independently, it would be highly advisable to setup permanent redirects to hazeron.com, which seems safe to say is the preferred domain of Haxus. After that's taken care of, it takes but a couple more minutes to enable HTTPS and get a SSL certificate.

It isn't difficult, it just hasn't been on Haxus's radar. However, if he continues operating his services insecurely, it's just a matter of time before some nefarious individual gains access to something they shouldn't and steals something, whether it be money or data. In fact whose to say this hasn't happened already? Things have been this way for years and years. Would Haxus even disclose this sort of incident if it were to happen?

I'm going on a tangent here, but I want to reiterate that my chief concern here is the security of mine and everyone else's information, and the continued operation of this game. Keeping software up to date and using industry best practices for encryption and transmission of data is not too much to ask, especially when money is involved.
Find
Reply



Forum Jump:


Users browsing this thread:
1 Guest(s)