1. We have added the ability to collapse/expand forum categories and widgets on forum home.
    Dismiss Notice
  2. Photobucket has changed its policy concerning hotlinking images and now requires an account with a $399.00 annual fee to allow hotlink. More information is available at: this link.
    Dismiss Notice
  3. All Civ avatars are brought back and available for selection in the Avatar Gallery! There are 945 avatars total.
    Dismiss Notice
  4. To make the site more secure, we have installed SSL certificates and enabled HTTPS for both the main site and forums.
    Dismiss Notice
  5. Civ6 is released! Order now! (Amazon US | Amazon UK | Amazon CA | Amazon DE | Amazon FR)
    Dismiss Notice
  6. Dismiss Notice
  7. Forum account upgrades are available for ad-free browsing.
    Dismiss Notice

HTTPS Enabled

Discussion in 'Site Feedback' started by Thunderfall, Nov 12, 2016.

  1. Thunderfall

    Thunderfall Administrator Administrator Moderator

    Joined:
    Oct 25, 2000
    Messages:
    12,131
    Gender:
    Male
    To make the site more secure, we have installed SSL certificates and enabled HTTPS for both the main site and forums. This ensures all communications between your browser and CivFanatics website are encrypted and cannot be intercepted.

    We have also implemented URL re-writes so that visitors who clicked on HTTP links will automatically get redirected to the HTTPS version of the site.
     
    Last edited: Nov 13, 2016
    Omega124, Sonereal, Mise and 5 others like this.
  2. JH3

    JH3 Chieftain

    Joined:
    Dec 30, 2012
    Messages:
    6
    Location:
    KY USA
    I am having a problem with https today (170313). It has been disabled somehow on all the forum pages I have visited.
    I also got a warning from Google Chrome when moving from page 2 to page three of a forum:
    "Deceptive site ahead
    Attackers on www.weplayciv.com may trick you into doing something dangerous like
    installing software or revealing your personal information (for instance, passwords, phone numbers, or credit cards)."
    I clicked thru and did not get the named offensive site, but https has been disabled since then.
     

    Attached Files:

  3. JH3

    JH3 Chieftain

    Joined:
    Dec 30, 2012
    Messages:
    6
    Location:
    KY USA
  4. ainwood

    ainwood Consultant. Administrator

    Joined:
    Oct 5, 2001
    Messages:
    30,058
    That is strange. Please let us know if you get this issue again, or you diagnose the cause.

    Edit: OK - I see the problem.

    Dale has linked to a file on WePlayCiv.Com in one of his posts. For whatever reason, google thinks WePlayCiv is a phishing site, and thinks a link back to it is a phishing attempt. Either that, or it might be being very aggressive in that the image was linked over http instead of https. I'll remove that link, and hopefully fix the problem...

    Edit again: And I see weplayciv.com is down... Reading further, at one point it was apparently hacked, with a malware download in it's place (hence the google warning), but that was apparently fixed. That said, the site now seems to be offline.
     
    Last edited: Mar 14, 2017
  5. Petek

    Petek Alpha Centaurian Administrator Supporter

    Joined:
    Nov 8, 2001
    Messages:
    3,181
    Location:
    Berkeley, Calif., USA
    VirusTotal still identifies WePlayCiv as having problems. I know their admins are aware of the issue, but it has persisted for several months.
     
  6. ori

    ori Repair Guy Super Moderator

    Joined:
    Dec 17, 2005
    Messages:
    15,921
    Location:
    Baden-W├╝rttemberg, Germany
    regardless of a virus warning firefox does tell me that the connection is not secure once an offsite image or so is attached (see e. g. page two of the above linked thread) - its more a generic warning about non-secure items on an otherwise https page though.
     
  7. Dale

    Dale Chieftain

    Joined:
    Mar 14, 2002
    Messages:
    6,986
    Location:
    Melbourne
    Sorry all.

    I know Solver is trying to get this all sorted. He's move the site off vbulletin (the site was hacked using a compromise in vbulletin) and doing some cleanup. But these things take time. :)
     
  8. ainwood

    ainwood Consultant. Administrator

    Joined:
    Oct 5, 2001
    Messages:
    30,058

Share This Page