Mr. Nice Forums  
Home History Strains Media Web Community Medical Marijuana Contact us Auctions

Go Back   MNS Forums > MNS Forums > 1. About this website

Reply
 
LinkBack Thread Tools Display Modes
  #1  
Old 05-08-2012, 04:08 AM
Senior Member
 
Join Date: Apr 2011
Posts: 877
Default Please enable HTTPS for the gallery

You can add the "s" manually, but it goes unencrypted every time you click a link in the process.

Thanks
cptn
__________________
Cptn
Reply With Quote
  #2  
Old 05-09-2012, 10:47 PM
Senior Member
 
Join Date: Apr 2011
Posts: 877
Default

Please
thank you
__________________
Cptn
Reply With Quote
  #3  
Old 05-10-2012, 04:16 AM
Senior Member
 
Join Date: Apr 2011
Posts: 877
Default

I have sent a PM to admini on this (last night) and gotten no response.

How can the privacy and security of member data be of so little importance to the people that run the site?
__________________
Cptn
Reply With Quote
  #4  
Old 05-10-2012, 05:35 AM
Member
 
Join Date: Oct 2007
Location: In the Desert
Posts: 56
Default

Maybe it has to do with their deal with Interpol. Why else would Shanti leave and put Jesse and Hempy in charge?

YJ
Reply With Quote
  #5  
Old 05-10-2012, 06:05 AM
Senior Member
 
Join Date: Mar 2012
Posts: 663
Default

Quote:
Originally Posted by Yellowjacket View Post
Maybe it has to do with their deal with Interpol. Why else would Shanti leave and put Jesse and Hempy in charge?

YJ
What is wrong with you guys if you dont want to be here then why dont you just ask to have your accounts closed.

I mean what a stupid thing to post up and in a canna forum of all places what a joke this has become now its past the point of just editing and warning you people now.

We put out one spot fire out and 10 more start up and all from the same people or friends of a set group of people.

Deal with interpol is it now yellowjacket what do you base this on i wounder what a dangerous stupid think to post up people like you are a liability to this forum and to all its membership with in it.



Cptn i will contact shanti today and link him to this thread you could of also pm shanti or the mods.
Reply With Quote
  #6  
Old 05-10-2012, 06:43 AM
Senior Member
 
Join Date: Apr 2011
Posts: 877
Default

Quote:
Originally Posted by hempy View Post
Cptn i will contact shanti today and link him to this thread you could of also pm shanti or the mods.
Thanks Hempy. I know your response is genuine.

I have deleted all my pics so I can't put any more energy into calling attention to the obvious.

It's a security hole and should be fixed. It has been this way since I got here. Never fixed.

I'm sure you understand what I am talking about. Admini should know exactly, as do probably 80% of the members (assuming the new ones I haven't become acquainted with yet are as savvy as the dearly departed old ones.)
__________________
Cptn
Reply With Quote
  #7  
Old 05-10-2012, 07:53 AM
Senior Member
 
Join Date: Mar 2012
Posts: 663
Default

shantis has been contacted Cptn and any real issues will be sorted out soon as possible.

Yellowjacket you will be also contacted so you can then explane your self to shanti.

Then i would like you to come into this thread or start a new one and explane your self to the membership of this site for the lies you have just posted after you do that then the membership will understand why your lies and the lies of your buddy's are all linked an explanation is well over due dont you think ?.
Reply With Quote
  #8  
Old 05-10-2012, 08:15 AM
shantibaba's Avatar
Breeder and moderator
 
Join Date: Mar 2007
Posts: 1,214
Default

Hi All

well the members security is one of the main reasons we do so many things behind the scenes as well as why we are always updating security ...as for the https v http well this is more in adminis line of work so I will speak to him now.

As for Mr Yellowjacket, never heard of you before on the site but that certainly was not the best foot forward.

All the best sb
__________________
ψ-ψ-ψ-ψ-ψ-ψ-ψ-ψ-ψ-ψ-ψ

"Care about what other people think and you will always be their prisoner." -Lao Tzu

all the best,
Shantibaba
http://www.mrnice.nl
Reply With Quote
  #9  
Old 05-14-2012, 05:44 AM
Rza Rza is offline
Banned
 
Join Date: Jan 2012
Posts: 63
Default

There are many ways to force your browser to use HTTPS instead of HTTP for any site in particular, and I've been using it here for forcing HTTPS on the gallery for awhile, and use it for many other sites as well that are similar. Admini will be able to fix this, but it might be a pain in his ass, because I'm pretty sure the Gallery is a separate AddOn to the forum software and that is why it resorts to regular HTTP all the time while the main site does not. He is the man, though, and I'm sure he'll get it done.

In the mean time, (or just because it's safer =) Firefox with the 'NoScript' AddOn is probably the best way, since this is a safe way to use a browser and recommended for the security conscious. 'NoScript' will disallow JavaScript and almost all active content from displaying by default on webpages, and basically blocks all attempts at Cross-Site Scripting attacks, Cross-Site Request Forgeries, and Drive-By Malware Downloads, which are the three most prevalent browser based attacks. JavaScript, Flash, Quicktime, and Adobe Reader are rife with remote executable vulnerabilities. Using a browser with those enabled by default is like holding a loaded gun to your head, one wrong click and it will go off (you'll get infected by some bullshit malware that downloads and executes on your computer through a Flash 0-day before you even know what is happening). These days, you don't need to click on a bad link even, as hackers have successfully embedded exploits into all types of major sites that people use and trust every day.

It will almost completely break the pages you use everyday, because they almost all use Javascript in some form or another. This is easily dealt with by basically creating a whitelist of sites you visit all the time. The first time you come to MNS forum after installing, just right-click anywhere on the page and go to the 'NoScipt' menu option, another small tab will open and choose to 'Allow mrnice.nl'. You will never have to do that again for this site and it will work as intended from now on.

In the options of 'NoScript' is where you can list the sites you would like HTTPS forced on no matter what. Right-click anywhere on the webpage, scroll to 'NoScript', it will open a small tab and choose 'Options'. It is under the 'Advanced' tab, then 'HTTPS', then 'Behavior'.

If you are just trying out FireFox for the first time, be sure to also get the 'AdBlock' AddOn as well. It will block just about every advertisement you would ever see on the Internet, and once you use it browsing without it is never the same.

Hope that helps everyone stay safe, and best of luck Admini with the task, sounds like a doosy!

(EDIT) I had to LOL at the Interpol thing, couldn't tell if he was being funny or just one of those types, either way it made me smile. That's one thing I don't think anyone is really worried about!

Last edited by Rza; 05-14-2012 at 06:01 AM.
Reply With Quote
  #10  
Old 05-14-2012, 04:04 PM
Senior Member
 
Join Date: Apr 2011
Posts: 877
Default

Thanks for the great response RZA.
can you do the same thing with Chrome?

cptn

Quote:
Originally Posted by Rza View Post
There are many ways to force your browser to use HTTPS instead of HTTP for any site in particular, and I've been using it here for forcing HTTPS on the gallery for awhile, and use it for many other sites as well that are similar. Admini will be able to fix this, but it might be a pain in his ass, because I'm pretty sure the Gallery is a separate AddOn to the forum software and that is why it resorts to regular HTTP all the time while the main site does not. He is the man, though, and I'm sure he'll get it done.

In the mean time, (or just because it's safer =) Firefox with the 'NoScript' AddOn is probably the best way, since this is a safe way to use a browser and recommended for the security conscious. 'NoScript' will disallow JavaScript and almost all active content from displaying by default on webpages, and basically blocks all attempts at Cross-Site Scripting attacks, Cross-Site Request Forgeries, and Drive-By Malware Downloads, which are the three most prevalent browser based attacks. JavaScript, Flash, Quicktime, and Adobe Reader are rife with remote executable vulnerabilities. Using a browser with those enabled by default is like holding a loaded gun to your head, one wrong click and it will go off (you'll get infected by some bullshit malware that downloads and executes on your computer through a Flash 0-day before you even know what is happening). These days, you don't need to click on a bad link even, as hackers have successfully embedded exploits into all types of major sites that people use and trust every day.

It will almost completely break the pages you use everyday, because they almost all use Javascript in some form or another. This is easily dealt with by basically creating a whitelist of sites you visit all the time. The first time you come to MNS forum after installing, just right-click anywhere on the page and go to the 'NoScipt' menu option, another small tab will open and choose to 'Allow mrnice.nl'. You will never have to do that again for this site and it will work as intended from now on.

In the options of 'NoScript' is where you can list the sites you would like HTTPS forced on no matter what. Right-click anywhere on the webpage, scroll to 'NoScript', it will open a small tab and choose 'Options'. It is under the 'Advanced' tab, then 'HTTPS', then 'Behavior'.

If you are just trying out FireFox for the first time, be sure to also get the 'AdBlock' AddOn as well. It will block just about every advertisement you would ever see on the Internet, and once you use it browsing without it is never the same.

Hope that helps everyone stay safe, and best of luck Admini with the task, sounds like a doosy!

(EDIT) I had to LOL at the Interpol thing, couldn't tell if he was being funny or just one of those types, either way it made me smile. That's one thing I don't think anyone is really worried about!
__________________
Cptn
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On



All times are GMT. The time now is 09:25 AM.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.
SEO by vBSEO 3.6.0 PL2
All rights reserved, MR NICE SEEDBANK, NL