Security Certificate

[weeksy]

The problem is hackers grab the passwords as they are sent across the net from a public hotspot and then try them on other more damaging websites so anyone who uses the same password across many websites should worry, but as we are all securty savvy none of us do that do we.

Yes i get that... if the hacker is monitoring... if they are active... if they know about the site and the issues.... which is... fairly unlikely.

They don't need to know about the site or the issues, they connect to a public wifi and capture any unencrypted usernames & passwords sent across it. This site could have the most perfect security in the world and it wouldn't help as it's not this site they are getting details from.
If you are connected to a station or coffee shop wifi there's a fairly good chance someone is monitoring it, even if it's just for sport. From home I only have my kids to worry about.

Yeah but... we're not talking about not running SSL ever... we're talking about an intermittent issue that the ISP had last night from 10pm.

You could all go crazy and change your passwords of course.... if that makes you feel better... me, i'm not massively troubled at the moment.

[McNab]

Is this why I'm getting blocked on my company's system today?

I don't usually have any problems but today I'm getting the message "Hmmm...your internet access is blocked"

[weeksy]

Is this why I'm getting blocked on my company's system today?

I don't usually have any problems but today I'm getting the message "Hmmm...your internet access is blocked"

SHouldn't be.... this was all resolved days ago.. Can't think of any reason why a company would suddenly block it unless they've change configuration on the blockers...

[McNab]

Ah boo. It was fine friday it seems the security or firewall is blocking it now.

[KungFooBob]

It's because we say fuck and bugger too much!

NOBODY SAY FUCK OR BUGGER ANYMORE!

[weeksy]

the SSL Cert is due for renewal in the next week.

Do not panic... it will be incorrect for a few hours at some stage.. no, that doesn't mean anyone can hack your machine, or do anything bad... it just means if you put in your CC information etc during this time it could be potentially in some world, stolen.... So don't... but you don't anyway as we don't take payments like this... so don't panic.

Every year i try and do the Cert on this site and every year i fail.. i then get their techs to do it and it's OK.

The bizarre part is, my day to day job is doing Web Certs so why i cannot get theirs to work is a mystery to me each and every year.

[KungFooBob]

Can't they automate it all for free with Let's Encrypt?

[weeksy]

Can't they automate it all for free with Let's Encrypt?

Dunno... not seen whatever that is in a list of options/tools within their software.

[KungFooBob]

Do you have shell access to the server or just something like cpanel?

[weeksy]

Do you have shell access to the server or just something like cpanel?

Cpanel.

[KungFooBob]

Then you can't do it yourself.

You'd need the hosting co to do it.

[weeksy]

Mmmmm intersting.. The blurb implies we can do ourselves, but in truth i forget the process..

If you're interested we can do a screen share whenever it's up for swapping and i can get your knowledge, you may see something i've missed.

[KungFooBob]

I don't have a clue.

I just know that Let's Encrypt provide 30 day rolling auto updating ssl certs for free.

Never actually used it.

[weeksy]

SSL Cert is now up to date and valid for another year..

That's it, you're stuck with this place again.

[Horse]

SSL Cert is now up to date and valid for another year..

That's it, you're stuck with this place again.

Yippee more time wasted (in amongst all the useful advice, etc., of course).

Thanks, boss!