[CLOSED] "your Connection Is Not Fully Secure"

Discussion in 'Support' started by NathWFC, Jun 15, 2021.

  1. a19tgg

    a19tgg First Team

    Nothing worked for me, but for some reason accessing via the Google app on my iPhone it works fine.
  2. HappyHornet24

    HappyHornet24 Crapster Staff Member

    :D Probably more eloquent than my usual contributions but, in fact, it was a case of “computer says no” when I tried to submit any text as accessing this site via safari has sent my iPad into complete meltdown since Friday. Chrome seems ok still once I ignore all the security warnings.
  3. Filbert

    Filbert Leicester supporting bloke

    Tinpot shambles.
  4. UEA_Hornet

    UEA_Hornet First Team Captain

    So is the issue with how the site looks on the Safari browser in iOS linked to the out of date certificate problem?
  5. luke_golden

    luke_golden Space Cadet

    Seems that way. I’ve started visiting here on the Chrome app and haven’t had issues, while it’s been practically unusable on iOS for a few days now.
  6. Keighley

    Keighley First Team

    luke_golden likes this.
  7. Keighley

    Keighley First Team

    That was me trying to post on the Chrome app via IOS and I could only get that far by ignoring the warning. Can't do anything on Safari at all, or on Chrome for Windows. The only one which works for me is Edge.

    It seems to be taking quite a long time to sort out a pretty major problem...
  8. Steve Leo Beleck

    Steve Leo Beleck Squad Player

    Quite. And if the owner sees this site as a business (or part of a business) as previously mentioned on here, you'd think getting it sorted might be a bit higher up the priority list.
    Keighley likes this.
  9. CaveManHornet

    CaveManHornet Reservist

    It has got to the point where i’ve had to download tapatalk to access the forum.

    Sent from my iPhone using Tapatalk
  10. reids

    reids First Team

    Still better than the Luton Outlaws forum.
  11. Lloyd

    Lloyd Squad Player

    You don't know what you're doing, You don't know what you're doing, You don't know what you're doing,
  12. Cthulhu

    Cthulhu Keyboard Warrior Staff Member

    Smearing your monitor with faeces would be an improvement on that
  13. K9 Hornet

    K9 Hornet Border Collie Dog

    Big time Charlie, with your modern, shiny 4-sided out-of-town browser... leave us alone!
  14. Arakel

    Arakel First Team

    Apple are trying to protect you by blocking elements they think are potentially dangerous.

    I don't have access to an iOS device to check right now, but my guess is they've disabled the TLS 1.0 and 1.1 protocols, requiring 1.2 or later. The site isn't currently serving up TLS 1.2.
    UEA_Hornet likes this.
  15. Arakel

    Arakel First Team

    I bet you're getting more enjoyment out of watching our misery than you are out of looking at your own shiny, working forum.
  16. The undeniable truth

    The undeniable truth First Team Captain

    This could be the end.
    RIP WFCForums.
  17. MIlton Dammers

    MIlton Dammers Reservist

    I assume all Lesta fans use Firefox
  18. Arakel

    Arakel First Team

    In the interests of trying to help out here, I did some sniffing around to see what I could work out. I obviously have no access to any of the backend so this is just based on publicly available info.

    It looks like this forum is running Xenforo on an Apache Web Server. The web server is enabled for a number of outdated protocols:

    SSL 3.0
    TLS 1.0
    TLS 1.1

    And does not support the following recommended protocols:

    TLS 1.2 (consider this mandatory)
    TLS 1.3 (this is more optional, but good if you can do it and will future proof you)

    To fix this, you will likely need to modify the Apache server to support recommended protocols, and remove support for the deprecated ones. Depending on how old the forum code and backend is, this may require an upgrade, or it may just be a case of needing to modify the appropriate files. I don't remember what version is required for TLS 1.2, but I think 1.3 required Apache 2.4.38 or higher.

    The file you generally need to modify is httpd.conf (or equivalent - it can vary depending on what your backend web server is, and I can't see that). To appropriately enable/disable the relevant protocols, the SSLProtocol line should probably look like this:

    SSLProtocol -all +TLSv1.2

    If your Apache version is high enough to support TLSv1.3 you could add that too (I believe that should be +TLSv1.3 - put a space after the 2 in 1.2 and add it there).

    SSLProtocol -all +TLSv1.2 +TLSv1.3

    Remember that these configuration files are case sensitive.
    Last edited: Jun 28, 2021
  19. wimbornet

    wimbornet Reservist

    hornmeister likes this.
  20. domthehornet

    domthehornet Moderator Staff Member

    Just a quick update folks, we have now passed the matter on to a third party to resolve. Thank you very much to Arakel for the additional help, this will be resolved shortly.
  21. inayellowshirt

    inayellowshirt From the other place

    Would NEVER* have happened with Gloryhorns!!

    * The rubber band running the server would have snapped before hand
    MIlton Dammers and NathWFC like this.
  22. The undeniable truth

    The undeniable truth First Team Captain

    Yes, I agree with this.
  23. Rvjgd

    Rvjgd Academy Graduate

    Sad day
  24. GoingDown

    GoingDown "The Stability"

    Hmm. It hasn't impressed me much. If it was any good, it'd be used by the big boys.
  25. wfcSinatra

    wfcSinatra Predictor Choker 14/15


    Sent from my Rolls-Royce Wraith using Tapatalk
    Burnsy and DrewH like this.
  26. domthehornet

    domthehornet Moderator Staff Member

    We are updating the server as the old server is having a hissy fit, it may go offline for a bit but we will forewarn you lot.

    sydney_horn likes this.
  27. DannyM

    DannyM Academy Graduate

    I'm still having troubles getting on here via Firefox on my phone. Also, just downloaded tapatalk, tried to download the wfcforums but it keeps saying network error. It allows me to download other forums fine.

    Any help appreciated
  28. HeiaWatford

    HeiaWatford Reservist

    I need to contact admin. Is there a direct email someone can box me because the contact us isn't working for me...
  29. Heidar

    Heidar Squad Player

    Doesn't seem to have been mentioned but Tapatalk on Android doesn't seem to work either.

    Fortunately, Watford aren't doing anything apart from wishing everyone under the sun a happy birthday lately. Signings are secondary.
  30. HeiaWatford

    HeiaWatford Reservist

    Can you inbox me?
  31. AndrewH63

    AndrewH63 Reservist

    Thanks to all involved in resolving this issue, that had made the site unusable on my iPad. It obviously became more complex, and the time and effort is much appreciated.
  32. Bwood_Horn

    Bwood_Horn Squad Player

    I'm really happy now "https://..."
  33. IRB

    IRB THe artist formally know as ImRonBurgundy?

    Well done chaps
  34. UEA_Hornet

    UEA_Hornet First Team Captain

    The issue was at the heart of the state of the art wfcforums server:

    GarbeliaHornet and Diamond like this.
  35. Irishorn

    Irishorn Gael Force

    Once I saw the warnings, I stayed away from the site like a scaredy-cat! Technology freaks me out and the use of terminology that sounds made up is annoying to me, to the great amusement of my kids. But the site is back up and running so well done to the techies.
    Chiswell and PowerJugs like this.

Share This Page