Welcome to Laser Pointer Forums - discuss green laser pointers, blue laser pointers, and all types of lasers

Buy Site Supporter Role (remove some ads) | LPF Donations

Links below open in new window

Website certificate issue?

Durge

Durge

0
Joined
Dec 23, 2017
Messages
29
Points
3
I used LPF yesterday with no issue, but today, google has flagged the site. I'm really not sure the reason for the flag, and I don't have any other devices at the moment to test it, so I was wondering if anyone else was having this issue? Basically, whenever accessing any of the LPF for the first time today, I was met with a message that either LPF was unable to authenticate itself, or my connection was being intercepted by attackers. Also, the https part of the url is crossed out in red, so I know the message wasn't a spoof. It seems strange that only LPF would be targeted by a hack, and not something more vital like my email or prefered payment site for example. I haven't made any hardware changes, and I'm using the same private wifi connection that I used last night before I received this message. Maybe the issue is a result of some malicious ads or the change in site layout? Maybe a certificate has expired, idk. Anyways, I'll leave some screenshots of whats going on.

Screenshot_20180928-151152.pngScreenshot_20180928-151743.pngScreenshot_20180928-151808.png
 





This happened to me before, but it's just you. Clear your cache, and cookies (and your history, unless you need it).
 
Could be a caching problem indeed. The letsencrypt certificates work well, but they have a pretty short lifetime (90 days afaik). Maybe you system held on to a previous one that was outdated and a good reload can do miracles there.
 
It appears that the certificate issue just returned. It re-appeared upon closing the browser and reopening it. I've had chrome open since this morning, and I just closed all apps to discover the website misbehaving again. Clearing all cache, cookies, saved data, and history on all sites didn't fix the problem this time. I'm on my phones native google chrome, and don't have any other devices to test it. Maybe it's a result of the upgrades to the site?

That being said, I think it should be brought up to those who maintain the site. I'm going to get the typical response that it can simply be ignored, or the obscure one like using a vpn. However, anyone who receives the site-blocking message from google actually has to click the "advanced" link, then click "proceed to this site anyways (unsafe)". The type of language being used by google is enough to deter the majority of new traffic to the website, assuming new traffic is encountering the message. I certainly wouldn't have entered the site if I wasn't aware that it had received recent maintenance, and concluded that this was the cause of the issue. Having a message from google that deters new traffic, and potentially unexpecting members could be harmful to the site as a whole, and even stagnate ad revenue generated by the site in-order to keep it running. Therefore, I think it necessary to address this issue. I'm open to the idea that it's just my phone thats having the issue with the updated certificates, but if thats not the case, and atleast some other users are experiencing the issue, it should be looked into.Screenshot_20180928-232607.png
 
Last edited:
researching this but cant reproduce issue from my end. thanks for reporting it. suspect may be local problem but still researching
 
Durge, is this only happening with LPF? Or have you noticed it with other sites. I've seen SSL errors before on desktops, and it turned out to be something stupid like the system time was wrong. Not saying that's the problem here, but there is so many reasons why your device could be not recognising LPF's SSL certificate. I have also seen unnecessary security messages that seem to be stuck on loop before on Android too, with no apparent easy fix. I hope you figure out the problem, but it sounds local and not an immediate issue with the forum itself.

Edit: This may not help, but worth posting anyway just in case it does. link
 
Last edited:
CurtisOliver said:
Durge, is this only happening with LPF? Or have you noticed it with other sites. I've seen SSL errors before on desktops, and it turned out to be something stupid like the system time was wrong. Not saying that's the problem here, but there is so many reasons why your device could be not recognising LPF's SSL certificate. I have also seen unnecessary security messages that seem to be stuck on loop before on Android too, with no apparent easy fix. I hope you figure out the problem, but it sounds local and not an immediate issue with the forum itself.
Click to expand...
I've not had an issue on any other site, and I figured this was probably because LPF was updated recently. I've since turned my phone on and off, and now the site is recognized as secure. It's been a bit figity all day. I guess my phone didn't like that the new certificates differed from the old. I'll keep an eye out to see if any returning members have the same issue, as I suspect it's just the device flagging the site for having different authentication than it did before the update. In lui of this, the warning will likely only occur for people who visited the site before the update, and not after.
 
We'll just have to wait and see if others report the same problem. Glad it's resolved for now.
 
I use Google Chrome in my laptop's desktop and use it to access LPF without any problems I can find. I changed over to Chrome when Outlook on Microsoft changed their email options and I could no longer access LPF from my email. It has workout fine for me this past 18 months or so.
 
Good to here the issue is gone after restarting your phone - it could have been some caching info.

I'm sure if this happens to a large number of visitors we'll hear more about it, but sometimes you get a fluke like this which is impossible to reproduce as a website developer... It happens from time to time, and i know it can be a pain in the behind.

Using a VPN shouldn't make a difference though: https encryption is end to end, all the way between the lpf server and your computer/phone/etc - even the owner of the VPN cannot see what pages you are reading here or what you are posting, but they can see that you visit this website in general. The benefit of the VPN here is that your ISP cannot see which sites you visit any longer.
 
You must log in or register to reply here.


Back
Top