Maintenance Just Anime Forums is now more secure!

We've made the move to adding SSL to the site. What does this mean to you? Well it means that any connection to the forums is secured. This was something we really wanted to add to the forums, since there are accounts, but other things took priority unit now. The addition of SSL will have no negative impact on the usability of the forums. There is still some work we're doing. Firefox users may notice this padlock icon on some pages:

We're working to get this resolved by ensuring everything the forums load is using the new secure connection.

What is https?

Instead of HyperText Transfer Protocol (HTTP), this website uses HyperText Transfer Protocol Secure (HTTPS).

Using HTTPS, the computers agree on a "code" between them, and then they scramble the messages using that "code" so that no one in between can read them. This keeps your information safe from hackers.

They use the "code" on a Secure Sockets Layer (SSL), sometimes called Transport Layer Security (TLS) to send the information back and forth.

Why are we moving to https?

With the community expanding we are starting to work on new sites for everyone to enjoy. JustAnimeForum will serve as a central forum for every site with the JAN brand. With our network growing we do not want any of our user's personal information (emails, forum passwords) to be compromised. 3 new sites are in the works and we want to have one secure location for all members to communicate. Having a trusted forum in good standing makes it less likely to go down in the event one of our sites experiences technical issues (such as the false phishing warning we had on JDO).

How will this effect me?

In short, it probably won't. "Only links/images outside of messages need the HTTPS added. The forum has the ability to proxy messages and signature links/images, so those are okay." One thing we have noticed is that some members are not having their sig rotator (more specifically sig.grumpybumpers) working. Mine for instance will be about 50/50 working/not working.

If anyone has any questions feel free to post below.

We thank you all while we make you Just Anime Forum's experience better!

 

@Kiri the system was down for 10 minutes or so this morning this is your fault! you should be punished for causing me a user pain and suffering!!!

Just kidding good work!

 

@Kiri
I feel better now. I noticed that part of the forum was not present, the security part like that. Now I can feel better about donations. Thank you for the protection.

 

Cpt_K3nny is a princess! Nice, Kiri.

 

Google Chrome shows no padlock at all, but does show HTTPS. It does say that it was verified and of course, says that there are resources that are not secured (such as that grumpy bumper link to rotate the banner/logo).

Just in case someone is wondering why they don't see a padlock in Chrome.

 

I noticed that as well. That should really be the only "unsecured" connection as of now (if you find another, please let me know). I'm brewing up a Java solution (get it) to hopefully eliminate the need for that service.

 

Aww I see what you did there good one

 

GrumpyBumpers does provide the source code, but it's a CGI script (Perl) with the use MySQL (to store accounts). PHP can do the same thing, and probably faster than Java. Something simple like:

PHP:

<?php
$i = rand(0,6); //you can use mt_rand() instead of rand() if the results aren't going very well.
switch($i)
{
case 1:
echo "<img src='-link here-'></img>";
break;
case 2:
//new image
break;
case 3:
//so on and so forth
break;
default:
//main logo to show if a number doesn't match one of the above cases
}
?>


Might do the trick. Then update the .htaccess file to have your server process whatever image you don't normally use elsewhere to process the fake image as a php file, PNG provides the best quality if you're manipulating images and adding text to it. But as a rotation, any extension will probably work, but make sure it's one that isn't commonly used but supported by multiple web browsers, like bmp. Stick the trick image and the .htaccess file in a sub-directory and it won't interfere with the rest of the forum if it uses the file extension that you're using for the fake one.

By the way, I've used the above in a signature image to give the viewer their IP address and the web browser. It's a nifty little trick. xenForo doesn't appear to appreciate it though, since the image doesn't get refreshed and provide a different result, even in different pages.

I forgot to mention, but this may save the hassle of depending on clients to have the Java plugin either installed or at the very least, enabled.