HTTPS Enabled

Thunderfall

Administrator
Administrator
Joined
Oct 25, 2000
Messages
12,497
To make the site more secure, we have installed SSL certificates and enabled HTTPS for both the main site and forums. This ensures all communications between your browser and CivFanatics website are encrypted and cannot be intercepted.

We have also implemented URL re-writes so that visitors who clicked on HTTP links will automatically get redirected to the HTTPS version of the site.
 
Last edited:
I am having a problem with https today (170313). It has been disabled somehow on all the forum pages I have visited.
I also got a warning from Google Chrome when moving from page 2 to page three of a forum:
"Deceptive site ahead
Attackers on www.weplayciv.com may trick you into doing something dangerous like
installing software or revealing your personal information (for instance, passwords, phone numbers, or credit cards)."
I clicked thru and did not get the named offensive site, but https has been disabled since then.
 

Attachments

  • Warning.png
    Warning.png
    22.5 KB · Views: 844
That is strange. Please let us know if you get this issue again, or you diagnose the cause.

Edit: OK - I see the problem.

Dale has linked to a file on WePlayCiv.Com in one of his posts. For whatever reason, google thinks WePlayCiv is a phishing site, and thinks a link back to it is a phishing attempt. Either that, or it might be being very aggressive in that the image was linked over http instead of https. I'll remove that link, and hopefully fix the problem...

Edit again: And I see weplayciv.com is down... Reading further, at one point it was apparently hacked, with a malware download in it's place (hence the google warning), but that was apparently fixed. That said, the site now seems to be offline.
 
Last edited:
VirusTotal still identifies WePlayCiv as having problems. I know their admins are aware of the issue, but it has persisted for several months.
 
regardless of a virus warning firefox does tell me that the connection is not secure once an offsite image or so is attached (see e. g. page two of the above linked thread) - its more a generic warning about non-secure items on an otherwise https page though.
 
Sorry all.

I know Solver is trying to get this all sorted. He's move the site off vbulletin (the site was hacked using a compromise in vbulletin) and doing some cleanup. But these things take time. :)
 
Top Bottom