stormmaster
Member
I like viking/migration era swords
Posts: 7,647
|
Post by stormmaster on Nov 23, 2018 7:18:42 GMT
sfi has been screwed up like that for a while now, at least 3 years
|
|
|
Post by ekster on Nov 27, 2018 23:03:14 GMT
sfi has been screwed up like that for a while now, at least 3 years I've contacted them about it once and they said they were working on it.
So is SFI really infected with viruses or is it just some weird script causing false positives? I'd like to know whether I can safely visit it again.
|
|
stormmaster
Member
I like viking/migration era swords
Posts: 7,647
|
Post by stormmaster on Nov 27, 2018 23:39:03 GMT
ive never gotten viruses per say, i have a good antivirus i guess if u have a good antivirus it should be fine?
|
|
|
Post by RickDastardly on Nov 27, 2018 23:47:21 GMT
Unless something new has happened, I've talked to SFI staff about that too. It's from an old (and known about in the trade) exploit hiding somewhere in the code that hooks incoming search results (like from google) and redirects the browser to a spam site instead. It only does so occasionally though, so as to be less noticeable.
I don't know if SFI fixed that issue (it needs a reinstall of the forum software to do so, probably). I have a local workaround for the issue so I'm not affected by it. Because of that, SFI is listed in the 'unsafe sites' blacklist database and that is what triggers some all-encompassing security products to alert you to a problem. As I said, unless something new has happened, it's not actually a virus on the site. Just that database entry being read by the security software. If the redirect hack is still active though, and you get redirected to the spam site from a google search hit, that site could have anything on it!
|
|
|
Post by ekster on Nov 28, 2018 0:03:26 GMT
I did notice that visiting SFI via Google is almost guaranteed to trigger a virus warning, but when I go there directly it doesn't always happen. The reply I got from SFI was as follows:
"right now, the server engineer is going through the site architecture line-by-line. Hopefully we’ll have the culprit identified soon. Thanks for your patience"
This was in October 2017 btw.
|
|
|
Post by Jordan Williams on Nov 28, 2018 1:24:16 GMT
Unless something new has happened, I've talked to SFI staff about that too. It's from an old (and known about in the trade) exploit hiding somewhere in the code that hooks incoming search results (like from google) and redirects the browser to a spam site instead. It only does so occasionally though, so as to be less noticeable.
I don't know if SFI fixed that issue (it needs a reinstall of the forum software to do so, probably). I have a local workaround for the issue so I'm not affected by it. Because of that, SFI is listed in the 'unsafe sites' blacklist database and that is what triggers some all-encompassing security products to alert you to a problem. As I said, unless something new has happened, it's not actually a virus on the site. Just that database entry being read by the security software. If the redirect hack is still active though, and you get redirected to the spam site from a google search hit, that site could have anything on it! It happens to me literally everytime I use the site. I have to exit the page, then re open the sfi page.
|
|
Deleted
Deleted Member
Posts: 0
|
Post by Deleted on Nov 28, 2018 1:53:20 GMT
Mark doesn't care about the Google Bing and other search engines factor and has yet to update the forum software. Use direct links and search within or through archive.org.
There was a known bb bug and has returned a few times. Hence the upgrade Mark has yet to do.
Whatever
|
|
Deleted
Deleted Member
Posts: 0
|
Post by Deleted on Dec 2, 2018 16:12:51 GMT
To SBG moderators, IT and you Paul.
Whatever you just did regarding http vs https sites screws up linking to perfectly safe sites.
Merry effin Xmas
|
|
Vais
Member
Sorting through the mess
Posts: 3
|
Post by Vais on Dec 2, 2018 17:48:31 GMT
Hmm could be the cookies or the browser itself, does it need to updated for you? I've had that issue before with other sites.
|
|
|
Post by csills2313 on Dec 3, 2018 17:33:32 GMT
To SBG moderators, IT and you Paul. Whatever you just did regarding http vs https sites screws up linking to perfectly safe sites. Merry effin Xmas I noticed that some of the links that were posted were no longer working now. Implementing Website security is a real pain. Better to be safe than sorry I guess.
|
|
Deleted
Deleted Member
Posts: 0
|
Post by Deleted on Dec 4, 2018 2:44:21 GMT
To SBG moderators, IT and you Paul. Whatever you just did regarding http vs https sites screws up linking to perfectly safe sites. Merry effin Xmas I noticed that some of the links that were posted were no longer working now. Implementing Website security is a real pain. Better to be safe than sorry I guess. Yet, stupidity knows no bounds. Relegating all http sites as invalid is a stupid approach, as all required to be https may take another decade. On an informational site (such as this board might hope to be), what has happened in this last "improvement" is about ten steps backwards.
|
|
admin
Site Admin
Posts: 2,088
|
Post by admin on Dec 4, 2018 7:38:07 GMT
To SBG moderators, IT and you Paul. Whatever you just did regarding http vs https sites screws up linking to perfectly safe sites. Merry effin Xmas More info please, something is preventing outgoing links because our site has https instead of http? I don't quite understand what you are referring to..
As to the other stuff raised here - all SBG sites are https secure now - its becoming an internet standard practice now. Its also not uncommon that sites that use a lot of older apps or images may break the security - on the forum I thought it was the advertisers box at the bottom, but that wasn't it - could be the shoutbox or could be in the header or something, I don't know.. I is purely cosmetic though - the forum is a premium hosted forum by forums.net, so it has extremely good security..
Images are a different thing, it could be that the image is over 2mb in size, we did not have a limit before, so chances are that is why the image cannot be loaded.
Think that's about it - there may be this warning, but the site is as secure if not more secure than most others..
|
|
|
Post by AndiTheBarvarian on Dec 4, 2018 11:56:53 GMT
I don't know anything about the http/https problem, but since a few weeks I can't attach downloaded pictures from a google search or wikipedia, even 15 kb sized. They can have a .png or. jpg ending but uploading stops with an error. IrfanView on my pc says that they're missnamed webp-files and I can transform them into real .jpg or others which I can attach as before. It seems the sbg-forum's add attachment function doesn't accept webp files.
|
|
Deleted
Deleted Member
Posts: 0
|
Post by Deleted on Dec 4, 2018 13:36:20 GMT
To SBG moderators, IT and you Paul. Whatever you just did regarding http vs https sites screws up linking to perfectly safe sites. Merry effin Xmas More info please, something is preventing outgoing links because our site has https instead of http? I don't quite understand what you are referring to..
As to the other stuff raised here - all SBG sites are https secure now - its becoming an internet standard practice now. Its also not uncommon that sites that use a lot of older apps or images may break the security - on the forum I thought it was the advertisers box at the bottom, but that wasn't it - could be the shoutbox or could be in the header or something, I don't know.. I is purely cosmetic though - the forum is a premium hosted forum by forums.net, so it has extremely good security..
Images are a different thing, it could be that the image is over 2mb in size, we did not have a limit before, so chances are that is why the image cannot be loaded.
Think that's about it - there may be this warning, but the site is as secure if not more secure than most others..
An example, a poster trying to link KOA in this thread sbg-sword-forum.forums.net/thread/56076/2018-holliday-giveaway?page=1&scrollTo=759463Example in this thread sbg-sword-forum.forums.net/thread/56076/2018-holliday-giveaway?page=1&scrollTo=759463and an example here, where the linking is adding https to an http site and resulting in messing with the way the site reads sbg-sword-forum.forums.net/thread/56048/janusz-jaros-awski-sword-booksThese issues are not occurring on other boards and formats, so something changed here at SBG soon after this thread began. I first noticed it in posting on November 30.
|
|
|
Post by RickDastardly on Dec 4, 2018 14:19:21 GMT
Let me just test something:
Testing done. I tried entering a link, using both the 'link' icon and by directly entering the BB code. Each link I also tried as
www.somelink.com
h t t p ://somelink.com
https://somelink.com All of them ended up as an https link after posting. So the site software is forcing an https protocol in posts. Note that the h t t p in the second line above gets removed if I don't space it out like that to disguise what it should be.
Unfortunately, for instance, the link to KOA then fails because their server clearly doesn't like the https. If you change the link (in the browser bar after failing https) to http it works.
Same with the SFI link from the list of links in the post above.
|
|
Deleted
Deleted Member
Posts: 0
|
Post by Deleted on Dec 4, 2018 17:17:17 GMT
Let me just test something:
Testing done. I tried entering a link, using both the 'link' icon and by directly entering the BB code. Each link I also tried as
www.somelink.com
h t t p ://somelink.com
https://somelink.com All of them ended up as an https link after posting. So the site software is forcing an https protocol. Note that the h t t p in the second line above gets removed if I don't space it out like that to disguise what it should be.
Unforuntaly, for instance, the link to KOA then fails because their server clearly doesn't like the https. If you change the link (in the browser bar after failing https) to http it works.
Same with the SFI link from the list of links in the post above.
Uh huh All of them ended up as an https link after posting. So the site software is forcing an https protocol. Note that the h t t p in the second line above gets removed if I don't space it out like that to disguise what it should be.
|
|
Deleted
Deleted Member
Posts: 0
|
Post by Deleted on Dec 4, 2018 17:18:39 GMT
I noticed that some of the links that were posted were no longer working now. Implementing Website security is a real pain. Better to be safe than sorry I guess. Yet, stupidity knows no bounds. Relegating all http sites as invalid is a stupid approach, as all required to be https may take another decade. On an informational site (such as this board might hope to be), what has happened in this last "improvement" is about ten steps backwards. Uh huh adding this which I meant to link edelweiss Avatar Dec 2, 2018 10:48:01 GMT -5 edelweiss said: A OK. JF, is an unknown as to his full name. 1865 was late in the conflict but there were over 20,000 swords delivered by Ames that year. An additional note is that this example's blade was likely produced early in 1864, as the marking dies (rolled onto the blade) were wearing out. You will find both 1864 and 1865 dated swords bearing the later arched makers mark. //www.relicman.com/weapons/W0746.html `````````````` and way to go SBG for screwing around with http vs https sites..............this blows chunks Paul dude readers, copy and paste the link beginning with www ~~~~~~~~~~~~~~~~~~~~~~~~ another edelweiss Avatar Dec 1, 2018 21:04:46 GMT -5 edelweiss said: I'm not sure what sites and forums you are regarding but those stating that probably just don't have a lot of exposure to the swords, or are not familiar with the notes. There was no 1862 contract, as the ordnance board was still waiting for completion of the 1861 contract. Those delivered in 1862 are dated such, as that goes along with the inspection. I'd write that off as not interpreting the numbers correctly. I know my math is a little off and with the bulk delivered in February, that could be contentious but I don't think it was just a weather issue. Here ya go, let me Google that for you. //www.horsesoldier.com/products/edged-weapons/swords/26625 ~~~~~~~~~~~~~~~~~~~ I guess I shouldn't seem so infuriated due to the shortcomings of others and I know all to well what moderators and staff go through but apparent issues should be caught by those responsible for sweeping. My own ranting isn't too hard to find.
|
|
Deleted
Deleted Member
Posts: 0
|
Post by Deleted on Dec 6, 2018 15:52:57 GMT
|
|
|
Post by RaylonTheDemented on Dec 6, 2018 15:55:49 GMT
|
|