Thread Rating:
  • 2 Vote(s) - 3 Average
  • 1
  • 2
  • 3
  • 4
  • 5
What could make the forums more popular?
#61
Alright, then we might have better make new memes and spread it all over the world.

...Can it be a good idea?
Reply
#62
We could just execute anyone who refuses to make an account on here right?
"anyway.. why do people keep saying my name? i don't sim anymore lol"
[-] The following 1 user says Thank You to Ali for this post:
  • heart
Reply
#63
Force the guests to sign up in order to browse the forums.
Catch the dope with your horoscope!

[Image: JXGCh7i.png]
Reply
#64
(2018-12-20 02:12:00)Mystery Wrote: Force the guests to sign up in order to browse the forums.

But first, are there many guests who really want to browser this forums in the first place?
Reply
#65
(2018-12-18 17:55:19)Ali Wrote: Alright. I've made contact with Jiggmin. Hopefully this will convince him


https://imgur.com/a/IGpTVhT
lmfao!
Reply
#66
(2018-08-16 22:39:49)aaaaaa123456789 Wrote: Oh right, Let's Encrypt actually works properly now and issues useful certs. I'll probably set something up this weekend or the next then.

(2018-09-12 09:43:40)Ringstaart Wrote:
(2018-09-12 04:42:40)aaaaaa123456789 Wrote:
(2018-09-09 15:47:52)Ringstaart Wrote: https://github.com/diafygi/acme-tiny (200 lines of Python, cron-capable, packaged by Debian)

Can this work with Apache-hosted websites? I only see instructions for nginx there.

Yes, the nginx instructions just tell nginx to look in the /var/www/challenges directory when receiving a /.well-known/acme-challenge/ path. It works with static filehosting.

https://github.com/diafygi/acme-tiny/issues/79 has Apache configs, and it looks to me like you could perhaps even get away with using a symlink instead of a fancy server config alias, or with pointing acme_tiny at a subdirectory of your regular web root if you set up permissions so that it can't modify anything outside its dedicated space.

aaaaaa123456789, can we get that SSL if you get some free time? Would be nice. It's putting some users off to the point of not coming here.
Catch the dope with your horoscope!

[Image: JXGCh7i.png]
Reply
#67
Not having a big red triangle in the top left saying "Not secure" every time you type anything in here
Reply
#68
I'm absolutely not going to pay for a certificate (it's a scam), and I'm absolutely not going to install a root daemon to do God knows what with the server config. And we all know what will happen if I'm required to renew it manually on a quarterly basis.

Moving away from the ridiculous scam that we know as certification authorities, we have several options.
One of them would be to add a self-signed certificate. Self-signed certificates are perfectly good when it comes to encryption, but the red warning would actually become a red clickthrough, because some genius at browser-maker HQ decided that self-signed or expired certs are worse than no cert at all (hint: it costs money to have browsers and OSes recognize a CA).
Another option would be to add the self-signed cert but avoid redirecting traffic to the HTTPS website. That way, anyone entering https://forums.acidch.at would be taken to the HTTPS version with the self-signed cert (with clickthrough included), and anyone going to the HTTP version would just interact with the regular (unencrypted) version.
Finally, if someone wants to put the 300 dollars or so that it would cost to buy a 2+ year certificate for the website, go for it and I'll install it.

Any other options are welcome.
If you need to contact me for any reason, or if you have any questions, concerns, problems or requests, message me here or email me at aaaaaa123456789@acidch.at.

This forum has been around for (loading...)
Reply
#69
Would any of these work? They seem fairly inexpensive.

https://www.namecheap.com/security/ssl-c...es/comodo/
Catch the dope with your horoscope!

[Image: JXGCh7i.png]
Reply
#70
(2019-02-26 04:48:48)luxurious spa Wrote: Would any of these work? They seem fairly inexpensive.

https://www.namecheap.com/security/ssl-c...es/comodo/

They all would, since we're not using subdomains here. If you want to make a purchase, let me know.
If you need to contact me for any reason, or if you have any questions, concerns, problems or requests, message me here or email me at aaaaaa123456789@acidch.at.

This forum has been around for (loading...)
Reply
#71
(2019-02-26 04:06:27)aaaaaa123456789 Wrote: I'm absolutely not going to pay for a certificate (it's a scam), and I'm absolutely not going to install a root daemon to do God knows what with the server config. And we all know what will happen if I'm required to renew it manually on a quarterly basis.

Moving away from the ridiculous scam that we know as certification authorities, we have several options.
One of them would be to add a self-signed certificate. Self-signed certificates are perfectly good when it comes to encryption, but the red warning would actually become a red clickthrough, because some genius at browser-maker HQ decided that self-signed or expired certs are worse than no cert at all (hint: it costs money to have browsers and OSes recognize a CA).
Another option would be to add the self-signed cert but avoid redirecting traffic to the HTTPS website. That way, anyone entering https://forums.acidch.at would be taken to the HTTPS version with the self-signed cert (with clickthrough included), and anyone going to the HTTP version would just interact with the regular (unencrypted) version.
Finally, if someone wants to put the 300 dollars or so that it would cost to buy a 2+ year certificate for the website, go for it and I'll install it.

Any other options are welcome.

I've linked you to this exact same thing before, but here:
https://github.com/diafygi/acme-tiny
Works best with cron, small enough to audit, only needs access to a directory that maps to /.well-known/acme-challenge/ (so no root needed).
[-] The following 1 user says Thank You to Ringstaart for this post:
  • Pandoras Fox
Reply
#72
I could never figure out the install instructions. How does it deploy the cert?
If you need to contact me for any reason, or if you have any questions, concerns, problems or requests, message me here or email me at aaaaaa123456789@acidch.at.

This forum has been around for (loading...)
Reply
#73
(2019-02-28 02:32:49)aaaaaa123456789 Wrote: I could never figure out the install instructions. How does it deploy the cert?

It's written to stdout. Note the example invocation:
Code:
python acme_tiny.py --account-key ./account.key --csr ./domain.csr --acme-dir /var/www/challenges/ > ./signed_chain.crt

You just make sure the output ends up where the server expects to find its certificate, then restart the server so it reads it again.
[-] The following 2 users say Thank You to Ringstaart for this post:
  • aaaaaa123456789, Pandoras Fox
Reply
#74
(2019-02-28 20:43:32)Ringstaart Wrote:
(2019-02-28 02:32:49)aaaaaa123456789 Wrote: I could never figure out the install instructions. How does it deploy the cert?

It's written to stdout. Note the example invocation:
Code:
python acme_tiny.py --account-key ./account.key --csr ./domain.csr --acme-dir /var/www/challenges/ > ./signed_chain.crt

You just make sure the output ends up where the server expects to find its certificate, then restart the server so it reads it again.

+1 on this - I had a job that runs this (as its own user) and only had perms to write to challenge directory and the cert files. Once acme_tiny finished successfully, the job would restart nginx.

That being said, I've since moved to DNS letsencrypt certs, since those let me wildcard on the domain and get a cert for *.fox.mom since I'm a lazy asshole.
h
Reply
#75
(2019-02-28 20:43:32)Ringstaart Wrote:
(2019-02-28 02:32:49)aaaaaa123456789 Wrote: I could never figure out the install instructions. How does it deploy the cert?

It's written to stdout. Note the example invocation:
Code:
python acme_tiny.py --account-key ./account.key --csr ./domain.csr --acme-dir /var/www/challenges/ > ./signed_chain.crt

You just make sure the output ends up where the server expects to find its certificate, then restart the server so it reads it again.

I'll have to look into it when I get back home in a few days. Does it need an actual server restart, or will SIGHUP be enough?
If you need to contact me for any reason, or if you have any questions, concerns, problems or requests, message me here or email me at aaaaaa123456789@acidch.at.

This forum has been around for (loading...)
Reply
#76
(2019-03-02 09:39:38)aaaaaa123456789 Wrote:
(2019-02-28 20:43:32)Ringstaart Wrote:
(2019-02-28 02:32:49)aaaaaa123456789 Wrote: I could never figure out the install instructions. How does it deploy the cert?

It's written to stdout. Note the example invocation:
Code:
python acme_tiny.py --account-key ./account.key --csr ./domain.csr --acme-dir /var/www/challenges/ > ./signed_chain.crt

You just make sure the output ends up where the server expects to find its certificate, then restart the server so it reads it again.

I'll have to look into it when I get back home in a few days. Does it need an actual server restart, or will SIGHUP be enough?

systemctl restart nginx/service nginx restart will probably do the job.
Reply
#77
(2019-03-02 09:39:38)aaaaaa123456789 Wrote: I'll have to look into it when I get back home in a few days.

[Image: giphy-downsized-large.gif]
Catch the dope with your horoscope!

[Image: JXGCh7i.png]
Reply
#78
(2019-03-20 20:21:54)Robin Hood Wrote:
(2019-03-02 09:39:38)aaaaaa123456789 Wrote: I'll have to look into it when I get back home in a few days.
[Image: giphy-downsized-large.gif]

Take a shot everytime AX6 says something along the lines of "I'll do it soon." and doesn't.
[-] The following 1 user says Thank You to Residays for this post:
  • Camer the Dragon
Reply
#79
(2019-03-20 20:24:23)Residays Wrote:
(2019-03-20 20:21:54)Robin Hood Wrote:
(2019-03-02 09:39:38)aaaaaa123456789 Wrote: I'll have to look into it when I get back home in a few days.
[Image: giphy-downsized-large.gif]

Take a shot everytime AX6 says something along the lines of "I'll do it soon." and doesn't.

I don't wanna die
Reply
#80
Might as well take shots from a gun, they would both yield death
Catch the dope with your horoscope!

[Image: JXGCh7i.png]
[-] The following 2 users say Thank You to Robin Hood for this post:
  • Camer the Dragon, Residays
Reply




Users browsing this thread: 1 Guest(s)