blackbox Posted December 13, 2021 Share Posted December 13, 2021 (edited) It is possible for a server to serve both a http page and a https page. This is really a best option as if someone cannot access the https for whatever reason, they can fall back to the http. It can happen several ways- someone can type https and go to the https and someone can type http and go to the http page- my preference. Some sites put in an auto-redirect from http to https, which I find less helpful as a problem with https will lock you out.. With the present gameshelf server settings I can access the http pages but I cannot access the https pages as the server settings use only ECDHE or ECDSA - and my ancient browser doesn't have those. There are other ciphers equally secure - and used by other https pages! - but they are falling out of favour. bb Edited December 13, 2021 by blackbox Quote Link to comment Share on other sites More sharing options...
+arcadeshopper Posted December 13, 2021 Share Posted December 13, 2021 OK done. It was really 1 click and totally free. Now https://tigameshelf.net shows up as secure, but http://tigameshelf.net is still insecure. I thought you could not access a secure site without https. Am I missing something? Http is unsecure you can force http to https if you want or leave it available to those that wish to use itSent from my Pixel 6 Pro using Tapatalk 1 1 Quote Link to comment Share on other sites More sharing options...
+Schmitzi Posted December 13, 2021 Share Posted December 13, 2021 27 minutes ago, Vorticon said: OK done. It was really 1 click and totally free. Now https://tigameshelf.net shows up as secure, but http://tigameshelf.net is still insecure. I thought you could not access a secure site without https. Am I missing something? Maybe there this is another click in the control-panel to redirect that http to https ? (So it is at my provider) ...or via the index.html file ? 1 Quote Link to comment Share on other sites More sharing options...
SteveB Posted December 13, 2021 Share Posted December 13, 2021 ... just requested the SSL certificate for lizardware.de ... one is free in my package. Is it "National-make-our-Web-safe" Day ? 2 2 Quote Link to comment Share on other sites More sharing options...
+Vorticon Posted December 13, 2021 Author Share Posted December 13, 2021 16 minutes ago, Schmitzi said: Maybe there this is another click in the control-panel to redirect that http to https ? (So it is at my provider) ...or via the index.html file ? There is and I clicked it, but it didn't seem to do anything. I guess I'll leave it to the user to select their security level. I've done all I can to save them ? Actually Firefox does indeed redirect to https whereas Chrome does not. Interesting... 2 1 Quote Link to comment Share on other sites More sharing options...
SteveB Posted December 13, 2021 Share Posted December 13, 2021 There is a setting in Firefox "enforce https". If deactivated it stays on http. You may define a rewrite-rule in .htaccess in some webservers to force the redirection to https on the server-side: RewriteEngine On RewriteCond %{SERVER_PORT} !=443 RewriteRule ^(.*)$ https://example.com/$1 [R=301,L] 2 1 Quote Link to comment Share on other sites More sharing options...
+Vorticon Posted December 13, 2021 Author Share Posted December 13, 2021 13 minutes ago, SteveB said: There is a setting in Firefox "enforce https". If deactivated it stays on http. You may define a rewrite-rule in .htaccess in some webservers to force the redirection to https on the server-side: RewriteEngine On RewriteCond %{SERVER_PORT} !=443 RewriteRule ^(.*)$ https://example.com/$1 [R=301,L] Actually it turned out Chrome has a similar option, and when I set it now it redirects to https. 1 Quote Link to comment Share on other sites More sharing options...
blackbox Posted December 13, 2021 Share Posted December 13, 2021 And now I can no longer access tigameshelf So I guess your website is now extremely secure for me. I can't see it. Thanks very much. bb 1 Quote Link to comment Share on other sites More sharing options...
+Schmitzi Posted December 13, 2021 Share Posted December 13, 2021 20 minutes ago, blackbox said: And now I can no longer access tigameshelf So I guess your website is now extremely secure for me. I can't see it. Thanks very much. bb What browser and version do you use ? I´ve rechecked both (http and https) and works fine (with FireFox 95.0) Quote Link to comment Share on other sites More sharing options...
+arcadeshopper Posted December 13, 2021 Share Posted December 13, 2021 And now I can no longer access tigameshelf So I guess your website is now extremely secure for me. I can't see it.Thanks very much. bbWorks here. Can you post a picture of what you're getting?Sent from my Pixel 6 Pro using Tapatalk Quote Link to comment Share on other sites More sharing options...
+Schmitzi Posted December 13, 2021 Share Posted December 13, 2021 1 hour ago, SteveB said: ... You may define a rewrite-rule in .htaccess in some webservers to force the redirection to https on the server-side: RewriteEngine On RewriteCond %{SERVER_PORT} !=443 RewriteRule ^(.*)$ https://example.com/$1 [R=301,L] yeah, this (and not the index.html) now I remember the struggle at the first time Quote Link to comment Share on other sites More sharing options...
+Vorticon Posted December 13, 2021 Author Share Posted December 13, 2021 1 hour ago, blackbox said: And now I can no longer access tigameshelf So I guess your website is now extremely secure for me. I can't see it. Thanks very much. bb Oh no... Not sure why though. It works in both Chrome and Firefox. Quote Link to comment Share on other sites More sharing options...
+OLD CS1 Posted December 14, 2021 Share Posted December 14, 2021 3 hours ago, Vorticon said: OK done. It was really 1 click and totally free. Now https://tigameshelf.net shows up as secure, but http://tigameshelf.net is still insecure. I thought you could not access a secure site without https. Am I missing something? There may be a setting on the website to disable non-secure, redirect from non-secure, or force secure. 3 hours ago, Vorticon said: Is there a .onion domain? That would be hilarious! Only on the "dark web." WOOooooooOOOooooOOoOO!!!! Quote Link to comment Share on other sites More sharing options...
+OLD CS1 Posted December 14, 2021 Share Posted December 14, 2021 3 hours ago, blackbox said: With the present gameshelf server settings I can access the http pages but I cannot access the https pages as the server settings use only ECDHE or ECDSA - and my ancient browser doesn't have those. There are other ciphers equally secure - and used by other https pages! - but they are falling out of favour. bb I had a similar problem with my Sendmail configurations. By default, Sendmail does not compile with ECDHE ciphers enabled, so I was unable to communicate with any Windows 2019 servers. Confirmed below, the site is only allowing ECDHE ciphers, which is unnecessarily strict when DHE and even some RSA ciphers are still good. Not sure if that can be corrected, but maybe leaving the http site available just-in-case is a good option. PORT STATE SERVICE 443/tcp open https | ssl-enum-ciphers: | TLSv1.2: | ciphers: | TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 (secp256r1) - A | TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 (secp256r1) - A | compressors: | NULL | cipher preference: server |_ least strength: A 1 1 Quote Link to comment Share on other sites More sharing options...
+Vorticon Posted December 14, 2021 Author Share Posted December 14, 2021 OK I removed the forced https option. Hopefully this will allow access to all. 1 1 Quote Link to comment Share on other sites More sharing options...
+OLD CS1 Posted December 14, 2021 Share Posted December 14, 2021 29 minutes ago, Vorticon said: OK I removed the forced https option. Hopefully this will allow access to all. BITD I used to have a link to the secure side of my websites, for those who wanted the extra security. Mostly this was on my webmail pages. Believe it or not, we had customers who could not load secure pages (mostly old Mac Netscape hold-outs... even my Amiga could load SSL pages. Sheesh.) I would expect modern browsers to try a secure connection before falling back to http, but it appears they still default to non-secure. Ah, well. At least the option is there, now, and will be immediate available for people using SSLEverywhere or the like. Quote Link to comment Share on other sites More sharing options...
Ed in SoDak Posted December 14, 2021 Share Posted December 14, 2021 Checked just now on Mac PPC Safari 4.1.3 (2010) and gameshelf loads fine as http. Safari that old won't work a'tall with anything https. Should be working again for @blackbox. 2 1 Quote Link to comment Share on other sites More sharing options...
+Vorticon Posted December 14, 2021 Author Share Posted December 14, 2021 My conscience is now clear ? 1 Quote Link to comment Share on other sites More sharing options...
Cheung Posted May 24, 2023 Share Posted May 24, 2023 Any news on when the next update to TI Game Shelf might be? I sent an email to the site admin about a month ago but didn't get a reply. Quote Link to comment Share on other sites More sharing options...
+Vorticon Posted May 25, 2023 Author Share Posted May 25, 2023 On 5/23/2023 at 9:53 PM, Cheung said: Any news on when the next update to TI Game Shelf might be? I sent an email to the site admin about a month ago but didn't get a reply. Can you resend? I don't recall receiving that email. As for the update, it depends on my free time availability but I do eventually get to it This is a hobby after all. 3 2 Quote Link to comment Share on other sites More sharing options...
Sergioz82 Posted May 26, 2023 Share Posted May 26, 2023 23 hours ago, Vorticon said: Can you resend? I don't recall receiving that email. As for the update, it depends on my free time availability but I do eventually get to it This is a hobby after all. I dropped by to say thank you for putting Bio Meteor on your website. When you have time, I noticed the manual is incorrect, it's the Spac Man manual 2 Quote Link to comment Share on other sites More sharing options...
Switch1995 Posted May 26, 2023 Share Posted May 26, 2023 Love TI Gameshelf. Thank you, Vorticon!! 3 1 Quote Link to comment Share on other sites More sharing options...
Cheung Posted May 29, 2023 Share Posted May 29, 2023 On 5/25/2023 at 3:12 PM, Vorticon said: Can you resend? I don't recall receiving that email. As for the update, it depends on my free time availability but I do eventually get to it This is a hobby after all. Just resent the email. Sorry for the delay, I didn't get notice of the response or updates to this thread even though I am following it. Quote Link to comment Share on other sites More sharing options...
+Vorticon Posted May 31, 2023 Author Share Posted May 31, 2023 On 5/29/2023 at 7:02 AM, Cheung said: Just resent the email. Sorry for the delay, I didn't get notice of the response or updates to this thread even though I am following it. Found it in my Spam folder. I'll review the games over the next 2-3 weeks. Thanks for sharing! 1 Quote Link to comment Share on other sites More sharing options...
+Vorticon Posted May 31, 2023 Author Share Posted May 31, 2023 On 5/26/2023 at 2:03 PM, Sergioz82 said: I dropped by to say thank you for putting Bio Meteor on your website. When you have time, I noticed the manual is incorrect, it's the Spac Man manual Sergio, can you send me the correct manual? Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.