Got a credit card? use our Credit Card & Finance Calculators
Thanks to Anonymous,bruncher,niord,gvonge,Shelford, for Donating to support the site
Should I be concerned?
-
- Lemon Quarter
- Posts: 1982
- Joined: November 4th, 2016, 6:26 pm
- Has thanked: 229 times
- Been thanked: 715 times
Should I be concerned?
Your connection isn't private
Attackers might be trying to steal your information from http://www.lemonfool.co.uk (for example, passwords, messages or credit cards).
NET::ERR_CERT_COMMON_NAME_INVALID
Subject: *.sucuri.net
Issuer: Go Daddy Secure Certificate Authority - G2
Expires on: 7 Oct 2023
Current date: 20 Aug 2023
Certificate Transparency:
SCT Google 'Argon2023' log (Embedded in certificate, Verified)
SCT DigiCert Yeti2023 Log (Embedded in certificate, Verified)
SCT Cloudflare 'Nimbus2023' Log (Embedded in certificate, Verified)
Attackers might be trying to steal your information from http://www.lemonfool.co.uk (for example, passwords, messages or credit cards).
NET::ERR_CERT_COMMON_NAME_INVALID
Subject: *.sucuri.net
Issuer: Go Daddy Secure Certificate Authority - G2
Expires on: 7 Oct 2023
Current date: 20 Aug 2023
Certificate Transparency:
SCT Google 'Argon2023' log (Embedded in certificate, Verified)
SCT DigiCert Yeti2023 Log (Embedded in certificate, Verified)
SCT Cloudflare 'Nimbus2023' Log (Embedded in certificate, Verified)
-
- Lemon Half
- Posts: 8498
- Joined: January 7th, 2017, 9:56 am
- Has thanked: 1563 times
- Been thanked: 3460 times
-
- Lemon Half
- Posts: 5936
- Joined: November 4th, 2016, 11:22 am
- Has thanked: 4291 times
- Been thanked: 2651 times
-
- Lemon Quarter
- Posts: 4872
- Joined: November 4th, 2016, 2:24 pm
- Has thanked: 4906 times
- Been thanked: 2142 times
-
- Lemon Quarter
- Posts: 2120
- Joined: November 4th, 2016, 9:40 am
- Has thanked: 1053 times
- Been thanked: 860 times
-
- The full Lemon
- Posts: 10942
- Joined: November 4th, 2016, 8:17 pm
- Has thanked: 1498 times
- Been thanked: 3041 times
Re: Should I be concerned?
So your lemonfool login credentials have been passed over an unencrypted connection. As have mine a couple of hours ago.
If it had been your bank or your broker, that would be a serious concern and you should change your password immediately as well as raise it with them. With lemonfool, you decide how much it matters. If someone hijacks your account it's an inconvenience, and something posted in your name could be an embarrassment. But it's not exactly critical!
Unless you do something ultra-dumb like using the same login/password across other sites where it would really matter!
If it had been your bank or your broker, that would be a serious concern and you should change your password immediately as well as raise it with them. With lemonfool, you decide how much it matters. If someone hijacks your account it's an inconvenience, and something posted in your name could be an embarrassment. But it's not exactly critical!
Unless you do something ultra-dumb like using the same login/password across other sites where it would really matter!
-
- Lemon Quarter
- Posts: 4626
- Joined: May 31st, 2019, 7:55 pm
- Has thanked: 741 times
- Been thanked: 1471 times
Re: Should I be concerned?
I'm not concerned.
I'd imagine that for most posters that the links between them and lemonfool are likely quite direct. PC, ISP backbone, lemonfool. Little in the way of transitioning through networks that might be recorded for hacking purposes.
I'm OK with using old http style and changing my password once https is back up and running again, as others have said a potentially hacked lemonfool password isn't really that much of a issue.
I'd imagine that for most posters that the links between them and lemonfool are likely quite direct. PC, ISP backbone, lemonfool. Little in the way of transitioning through networks that might be recorded for hacking purposes.
I'm OK with using old http style and changing my password once https is back up and running again, as others have said a potentially hacked lemonfool password isn't really that much of a issue.
-
- The full Lemon
- Posts: 10942
- Joined: November 4th, 2016, 8:17 pm
- Has thanked: 1498 times
- Been thanked: 3041 times
Re: Should I be concerned?
UncleEbenezer wrote:So your lemonfool login credentials have been passed over an unencrypted connection. As have mine a couple of hours ago.
Whoops. That's not actually what's happening. Chrome's browser message there was totally misleading.
Like the OP, I shall await comment from the site managers.
-
- Lemon Quarter
- Posts: 4834
- Joined: November 14th, 2016, 7:33 pm
- Has thanked: 182 times
- Been thanked: 1397 times
-
- Lemon Half
- Posts: 9107
- Joined: November 4th, 2016, 1:16 pm
- Has thanked: 4140 times
- Been thanked: 10033 times
Re: Should I be concerned?
Just thought I'd add a note here to suggest that anyone who might have altered their local PC HOSTS file to cope with the site-slowness issue that was affecting Lemon Fool back in December is likely not to be seeing any browser issues regarding this recent change to SSL certification, because the current SSL issue is picked up during DNS resolution, which was potentially bypassed by anyone using the HOSTS file trick to fix to the earlier DNS-related slowness problem back in December...
As this SSL certification issue is hopefully likely to pass soon, and the December slowness issue has now gone away due to other beneficial work on the server side of things by Stooz, then I'd recommend that anyone who had previously altered their HOSTS file to cope with the December slowness issue now removes that HOSTS-file by-pass entry on their own systems...
If none of the above means anything to you, then please don't worry about it, but I know there were a few of us here who used the HOSTS file trick to get around the December slowness issue, and I just wanted to throw in a reminder that it might unnecessarily still be in place for anyone who did...
Cheers,
Itsallaguess
Just thought I'd add a note here to suggest that anyone who might have altered their local PC HOSTS file to cope with the site-slowness issue that was affecting Lemon Fool back in December is likely not to be seeing any browser issues regarding this recent change to SSL certification, because the current SSL issue is picked up during DNS resolution, which was potentially bypassed by anyone using the HOSTS file trick to fix to the earlier DNS-related slowness problem back in December...
As this SSL certification issue is hopefully likely to pass soon, and the December slowness issue has now gone away due to other beneficial work on the server side of things by Stooz, then I'd recommend that anyone who had previously altered their HOSTS file to cope with the December slowness issue now removes that HOSTS-file by-pass entry on their own systems...
If none of the above means anything to you, then please don't worry about it, but I know there were a few of us here who used the HOSTS file trick to get around the December slowness issue, and I just wanted to throw in a reminder that it might unnecessarily still be in place for anyone who did...
Cheers,
Itsallaguess
-
- Lemon Half
- Posts: 5411
- Joined: November 4th, 2016, 12:04 pm
- Has thanked: 3351 times
- Been thanked: 1060 times
Re: Should I be concerned?
<previous post deleted>
yes - Ive tried the hosts file entry of
91.146.105.202 http://www.lemonfool.co.uk lemonfool.co.uk
as that does indeed work.
which possibly suggests the DNS entries for
http://www.lemonfool.co.uk
lemonfool.co.uk
probably need updating (though Id imagine one of them would be a CNAME to the other)
didds
yes - Ive tried the hosts file entry of
91.146.105.202 http://www.lemonfool.co.uk lemonfool.co.uk
as that does indeed work.
which possibly suggests the DNS entries for
http://www.lemonfool.co.uk
lemonfool.co.uk
probably need updating (though Id imagine one of them would be a CNAME to the other)
didds
-
- Lemon Half
- Posts: 8027
- Joined: November 4th, 2016, 11:24 am
- Has thanked: 7 times
- Been thanked: 3097 times
Re: Should I be concerned?
TLF seems to be accessible at two IPs currently, 91.146.105.202 and 192.124.249.153, and the latter gets the SSL error and the former doesn't. So DNS and the certificate are out of sync with each other. viewtopic.php?p=610200#p610200
-
- Lemon Quarter
- Posts: 3286
- Joined: November 4th, 2016, 12:17 am
- Has thanked: 3121 times
- Been thanked: 1566 times
Re: Should I be concerned?
Apologies for the outage/warnings about the site.
Stooz had upgraded our SSL and the changes took a while to propagate across t'internet. So the SSL was out of line for a bit which made the site appear suspicious to some browsers.
Clariman
Stooz had upgraded our SSL and the changes took a while to propagate across t'internet. So the SSL was out of line for a bit which made the site appear suspicious to some browsers.
Clariman
-
- Lemon Quarter
- Posts: 4133
- Joined: November 4th, 2016, 9:24 am
- Has thanked: 3287 times
- Been thanked: 2869 times
Re: Should I be concerned?
Clariman wrote:Apologies for the outage/warnings about the site.
Stooz had upgraded our SSL and the changes took a while to propagate across t'internet. So the SSL was out of line for a bit which made the site appear suspicious to some browsers.
Clariman
It seems to have resolved itself chez kiloran over the past 15min or so
--kiloran
-
- Site Admin
- Posts: 1468
- Joined: November 3rd, 2016, 11:03 pm
- Has thanked: 10 times
- Been thanked: 502 times
Re: Should I be concerned?
Hi all,
yes it was a large outage, for the technical among you, there is a new DNS IP, routing through a new firewall. The SSL needed updating to relate and this should have been seamless, but is now back up and running.
There may be more outages, but certainly not planned. But only that there is more work being done, so its possible.
The side benefit is the firewall has a CDN, meaning page delivery may improve.
There is also blockers from the sort of server errors we have had in the past which will be bypast from the site, keeping it up and running.
Thank you for your patience. - Any "planned" outages will be informed through the announcements board.
yes it was a large outage, for the technical among you, there is a new DNS IP, routing through a new firewall. The SSL needed updating to relate and this should have been seamless, but is now back up and running.
There may be more outages, but certainly not planned. But only that there is more work being done, so its possible.
The side benefit is the firewall has a CDN, meaning page delivery may improve.
There is also blockers from the sort of server errors we have had in the past which will be bypast from the site, keeping it up and running.
Thank you for your patience. - Any "planned" outages will be informed through the announcements board.
-
- Lemon Quarter
- Posts: 1828
- Joined: November 13th, 2016, 3:41 pm
- Has thanked: 1432 times
- Been thanked: 662 times
-
- Site Admin
- Posts: 1468
- Joined: November 3rd, 2016, 11:03 pm
- Has thanked: 10 times
- Been thanked: 502 times
Re: Should I be concerned?
There is nothing stopping the way you get here, but there is controls around ads based on location, so if the VPN is sending you here via brazil who have different consent laws you may have difficulty or repeated consent popups as the VPN fakes your location
-
- Lemon Quarter
- Posts: 4506
- Joined: November 8th, 2016, 11:14 pm
- Has thanked: 1637 times
- Been thanked: 1639 times
Re: Should I be concerned?
On my usual IP address the site puts up a message saying I have been banned for 24 hours based on my IP address. Using VPN the site seems to work fine.
GS
GS
-
- Site Admin
- Posts: 1468
- Joined: November 3rd, 2016, 11:03 pm
- Has thanked: 10 times
- Been thanked: 502 times
Re: Should I be concerned?
could you send me a screengrab of that there is no banning software unless its something google have added...
stooz @
lemonfool.co.uk
thanks
stooz @
lemonfool.co.uk
thanks
-
- The full Lemon
- Posts: 12636
- Joined: November 8th, 2016, 7:21 pm
- Been thanked: 2609 times
Re: Should I be concerned?
stooz wrote:could you send me a screengrab of that there is no banning software unless its something google have added...
stooz @
lemonfool.co.uk
I don't think the securi.net firewall agrees with you: viewtopic.php?p=610251#p610251
et al.
Return to “Suggestions to Improve the Site”
Who is online
Users browsing this forum: No registered users and 1 guest