Not Secure message

On my phone and computer both, I'm getting a "Not secure" message in red by the site address every time I go to post. Is this a forum issue, or something with my computer and phone?

 

It is a flag left over from an old IP address that was later given to V8 Buick which this Board then swapped out for another clean IP address. JW can verify if my diagnosis is correct.

 

I have seen this too

 

This is because the site does not use a certificate which would give it an "https" secure URL

Using a certificate encrypts information sent between your browser and the site and vice versa. This protects usernames and passwords from being 'sniffed' on an insecure network.

If you ever use a gas station, Starbucks or McD wi-fi and browse any insecure site all of your communication is easily captured and examined by any other device on the same network.

Bob

 

So, long story short (I'm not a tech guy whatsoever, I don't even own a computer), it's fine and safe to use and post on here?

 

As long as you don't use the same username and password combination on any other site as you do here then the worst case scenario is your account on here gets compromised.

One of the biggest mistakes people make is using the same password for everything. Weakest link and all that. If someone gets your password for here it doesn't take much sleuthing to find your real name, address and if it links to your FB page then a whole bunch of other personal details are obtainable. Next stop - your PayPal, eBay, bank, retirement accounts...

Bob

 

Luckily the only places they'll get to are here, my big block Ford forum, and my pro-touring forum memberships haha....

 

"Not Secure' shows on the upper left of my laptop screen. Changed to Firefox. Better now.

 

I just changed my OS and now I'm getting the Not Secure flag-any ideas?

 

Folks can use HTTPS, instead of HTTP, or simply "v8buick.com".

The web hosting may be able to be set to redirect the following:

htttp://www.v8buick.com
www.v8buick.com
htttp://v8buick.com
v8buick.com

to:
htttps://www.v8buick.com
and/or
htttps://v8buick.com

And that would eliminate the "security" messages, while directing all traffic to the secure protocol, and also any old links anywhere on the interwebs or older links in v8buick threads.

The "security" issue is information being sent in "plaintext" and not "encrypted" between a user's computer(client) and the wesebsite(server).

 

All that is going on here folks is the SSL Certificate Expired.. something that typically gets renewed automatically, but I moved some financial stuff around this last year and must have forgot to transfer the SSL renewal to a new payment source..

There is no security compromise, we have not been hacked, just click thru the ominous warning screens on your devices.

As far as I can tell, SSL certificates are one of those BS things you have to buy every year, or your device/browser goes haywire.. it's a scam if you ask me, I have yet to hear how having that certificated does anything but quiet the warning screens. I mean, if your a scammer, your gonna buy the certificate.. it's not like there is an FBI background check involved here.

I did not see this until I logged on at 7am this morning, was not online at all yesterday, I took a "mental health day" away from the internet. Good to have one of those every once in a while, but wouldn't you know it, my super reliable website goes tits up the one day I am gone... I open my email this morning and have all kinds of frantic messages. Appreciate the heads up, but no big deal folks.

I have a call into Mike to take care of this, I would expect we will be back in the clear by this afternoon.

Thanks
JW

 

Thanks Jim. I was able to get on by using my V8Buick name and my password. Vet

 

Turns out Mike is working out of town, and of course, the passwords and info we need to get the certificate renewed are sitting on his desk at home.. He will be back Weds, and we will get things taken care of promptly after that.

JW

 

The certificate is issued to the listed authority of the web host/DNS entry.

A scammer would be hard pressed to use yours. They could of course create their own site and certificate.

There are free security certificate issuers these days. I use one called "Let's Encrypt" This has a maximum life span of 90 days, but the software lets me configure it to auto update before expiration.

It's a pain, but it works and it's free.

Jim is right that this is kind of a scam. The standard used to be that only sites that did financial transactions needed security certificates, but the browsers now all complain if ANY site doesn't have them. In order to avoid these warnings, every site now has to have certificates.
'

 

Jim, this is just ANOTHER REASON to say "THANKS!" for all you do to make V8Buick.com a super resource for all of us. You and the website are very appreciated, although many of us may not think to tell you that (me included until now). John in Wisconsin

 

Back to normal screens for me today. Joy Joy! Thanks Jim

 

Appreciate it guys.. we are back to normal.

JW

 

We like NORMAL ......

 

When I saw that message I just waited to see what was happening, I hadn't seen that certificate message for a long time, used to get it on old computer it could not update so I got it for all websites and had to say it was ok to go there, here I decided to wait for a few days and I see all is good now. At least you can expect this to happen if our IT guy is out of town during January, but not likely to happen again but at least we know what that looks like now.

 

Hope this one isn't too much...