Jump to content
NEW ANNOUNCEMENT - Check Featured Topic! ×
Bronya Zaychik

Kametsu is now SSL-ready!

Recommended Posts

I am pleased to report that after a bit of teeth-gnashing and countless head-desking, Kametsu is now fully SSL-enabled!

 

We also want to let you know that, at times, your browser might say 'partially encrypted' or 'some parts insecure' or something similar. You will probably notice this occurring most often in these scenarios:

  • A topic that contains posts that have external images
  • A topic that contains posts made by a user that has an avatar linked externally
  • A topic that contains posts made by a user that has an image in their signature that is linked externally
  • User profile pages that avatars and/or images in signatures are linked externally

These scenarios only apply to EXISTING topics and avatars/signature images - that is, they existed BEFORE we turned SSL on. NEW topics created from this point forward are NOT affected by this as any externally linked images are forced to HTTPS transparently.

 

All members: If you wish to assist us in eliminating at least some of these areas, you can do so by refreshing your avatar URL and/or any embedded images in your signature. You do NOT need to prefix https:// to these things. Just re-set the same URL you have had before and save it - our system should automatically enforce HTTPS for it in the future. You need only do this for embedded images in your signatures in most cases. If you externally linked your avatar image, you'll need to do that for it as well.

 

If you notice any other site-breaking issues, please post in this topic so we can take a look. Thanks!

  • Like 15

Share this post


Link to post
Share on other sites
6 minutes ago, JohnFlower said:

There's performance issues.

In what way?

Share this post


Link to post
Share on other sites
2 minutes ago, JohnFlower said:

It's sloooooow.

Seems just as fast as it was before for me. Everything loads instantly and no lagging.

Might just be a problem on your end.

Share this post


Link to post
Share on other sites
1 minute ago, JohnFlower said:

It's sloooooow.

 

Perfectly fine on my end as well as Koby's. Now I will say that initially, SSL session caching settings weren't properly configured, and that likely was significantly impacting the performance of the SSL module in a negative way. I've since tweaked those settings and restarted the webserver. However, there's nothing else I can do about that if it's still slow for you, and you will just have to bear with it, sorry.

Share this post


Link to post
Share on other sites

Nice job guys.

 

The reply box wouldn't fully open for me at first, but it seems that was just a one time thing. I went and tested elsewhere and it worked fine, was probably just lag.

Share this post


Link to post
Share on other sites
2 hours ago, Cryptic said:

The reply box wouldn't fully open for me at first, but it seems that was just a one time thing. I went and tested elsewhere and it worked fine, was probably just lag.

 

Yes both myself and Koby ran into this as well. There seems to be some occasional lag in spots, and I may have to tweak the web server software a bit more later on. I may actually implement the HTTP/2 module at some point, which should assist with that problem - it's generally a faster protocol than the standard HTTP/1.1 especially over SSL-secured connections. But that'll be for another maintenance time in the future.

 

(BTW: Fun read on what I'm talking about in regards to HTTP/2: https://en.wikipedia.org/wiki/HTTP/2)

Share this post


Link to post
Share on other sites

Ah, this explains the 504 errors i was getting. 

I was using an old bookmark for kametsu which https didn't like. 

GG, got a bit scared when i couldn't login, thought the site was RIP

Share this post


Link to post
Share on other sites
Just now, Cesario said:

Ah, this explains the 504 errors i was getting. 

I was using an old bookmark for kametsu which https didn't like. 

GG, got a bit scared when i couldn't login, thought the site was RIP

Strange. Any non-https link should redirect you to the https version.

 

Could you by chance share the exact link in a code box? It's the button that looks like <> on the top bar of the editor (in between the quote and spoiler buttons).

Share this post


Link to post
Share on other sites

If you're using the rewrite engine, it's actually not that perfect, can break certain links or interactive media (think javascript) when it comes to images/videos links.

 

But thanks for doing the SSL/TLS, about time I say!

Share this post


Link to post
Share on other sites

Looks like redirection is working now but for the past few days i was being rejected, looks like my old bookmark was pointing to the index.php landing page

 

https://forums.kametsu.com/index.php

Secure connection failed

We're sorry. Your request for /index.php could not be completed.
This is probably because the site you were connecting to supports SSL but your browser and/or OS does not support the Server Name Indication extension to TLS (likely because it's too old), and thus you were dropped here instead. The only fix for this is to upgrade/change your browser and/or upgrade your OS - especially if you're using older Windows versions like Windows XP (if you are...why are you still using that, exactly...?).

Until then your connection will not function to the site you intended.

Did the whole cache clear / private browser dealy'o and but it was happening at home, phone on 3G and work network but i found going in through the kametsu.com link got me back in.

 

Share this post


Link to post
Share on other sites
8 minutes ago, Cesario said:

Looks like redirection is working now but for the past few days i was being rejected, looks like my old bookmark was pointing to the index.php landing page

 


https://forums.kametsu.com/index.php

Secure connection failed

We're sorry. Your request for /index.php could not be completed.
This is probably because the site you were connecting to supports SSL but your browser and/or OS does not support the Server Name Indication extension to TLS (likely because it's too old), and thus you were dropped here instead. The only fix for this is to upgrade/change your browser and/or upgrade your OS - especially if you're using older Windows versions like Windows XP (if you are...why are you still using that, exactly...?).

Until then your connection will not function to the site you intended.

Did the whole cache clear / private browser dealy'o and but it was happening at home, phone on 3G and work network but i found going in through the kametsu.com link got me back in.

 

Ah, the old forums.kametsu.com sub-domain. Well that would be it then, because it was never configured for SSL. I had forgotten about that redirect cause it happened like 3 years ago.

Kind of surprised to hear anyone would have still been using it after all this time...

Share this post


Link to post
Share on other sites
10 hours ago, Koby said:

Ah, the old forums.kametsu.com sub-domain. Well that would be it then, because it was never configured for SSL. I had forgotten about that redirect cause it happened like 3 years ago.

Kind of surprised to hear anyone would have still been using it after all this time...

I ran into the same issue. took me a little bit to find my way around it.

Share this post


Link to post
Share on other sites
18 hours ago, Koby said:

I had forgotten about that redirect cause it happened like 3 years ago.

Kind of surprised to hear anyone would have still been using it after all this time...

 

I've been lurking for a long long time ;)

thanks @Koby

 

  • Like 1

Share this post


Link to post
Share on other sites
On 4/26/2017 at 1:11 AM, Freakindeed said:

I got a certification error when using Palemoon, it was necessary to approve that  to access Kametsu.

 

The certificate we use is issued by a trusted authority in all the major browsers. This should not be an issue unless you were using a browser that has not been updated to reflect current trusted Certificate Authorities. It also should not occur if you access the forums using https://kametsu.com - or www.* should also work. But any other domain will not.

 

20 hours ago, ZeroPenguins said:

If you're using the rewrite engine, it's actually not that perfect, can break certain links or interactive media (think javascript) when it comes to images/videos links.

 

But thanks for doing the SSL/TLS, about time I say!

 

For the time being we use the rewrite engine to do our redirects. The hope is to bring all of the *.kametsu.com domains under SSL eventually (including the XDCC parser site). At that point I can probably change the redirect method to be more accurate.

  • Like 1

Share this post


Link to post
Share on other sites

Well Done! 
Kametsu is already the best forum I know technology-wise (and don't even let be begin about content and community).

  • Like 2

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.

×
×
  • Create New...