Welcome, Guest
Username: Password: Remember me
1. The "search..." box above searches the Docs & Forum Posts. The "Search" tab above just searches the Forum Posts. :side:
Please use these to search for your issue *before* creating a new message topic, as your issue may have been previously solved.
2. Please put your Club # and Club Web Address in your Forum Signature (best) OR in each post to get faster support from us.
Click here to edit your signature at the bottom of the Profile Information tab.
3. Our user and admin docs are available at: support.toastmastersclubs.org/doc "There's a doc for that!" ;)
4. There is an "Opt In" Feature for newly added members. The Opt In document explains the strikethrough member information. Click Here to View the Post
5. When posting a New Topic , please include all relevant details and be specific. When did your issue 1st occur? What operating system, browser, & browser version are you using? Did you refresh your browser cache? Are your cookies enabled? Lastly, a screen shot is often helpful.
6. Please abide by the Terms of Use . We are volunteers contributing our spare time. We are happy to assist you, so long as you are respectful and courteous.
7. We are always looking for new FreeToastHost Ambassadors to join our team and support fellow Toastmasters in their use of the FreeToastHost website system. If you are familiar with the system and have some interest, send a Send Us a Private Message.
  • Page:
  • 1
  • 2

TOPIC:

FreeToastHost HTTPS Support 7 years 2 days ago #61976

  • SteveTheTechie
  • SteveTheTechie's Avatar Topic Author
  • Offline
  • FreeToastHost Developer
  • FreeToastHost Developer
  • Posts: 13529
  • Thank you received: 3831
FreeToastHost now supports the use of HTTPS (Secure) access for websites using the toastmastersclubs.org based domains. We have acquired a wildcard security certificate for these domains.



At this time, websites with custom domain names cannot be supported, as we do not control/register those domain names, and cannot therefore do anything about the security certificate that would be required to be installed in their DNS records. If anyone has any technical insights to share about how to make this possible via available no-cost, open-source, or other simple approaches, feel free to share. :)

At this time, if you access your website via a toastmastersclubs.org domain, the system will automatically detect this and automatically switch you to HTTPS access if you are not already using that. This automatic switch will not occur for websites with custom domain names. (unless you access those websites via the alternate clubnumber or website alias approach)

Moreover, while we have done testing to verify our implementation strategy, keep in mind that this is essentially new functionality. Please let us know if you find any problems. Also, your content plays a part in this... If you reference insecure content, you will break the security of any webpage in which it is used. We do try to do some reasonable fixes to your content before displaying it in a webpage, but our generalized approach will only work w/ FTH server hosted content and is not likely to be foolproof--you need to look at your content to determine which of it is not being accessed securely.

In particular, the most likely content to break web page security are photos, iframes, and links to insecure pages.
Regards,

Steve James, DTM
FreeToastHost System Developer
Officer Emeritus, Mindful Communicators (Club 1966, District 52) A President's Distinguished Club for each of the last 10 years.

>>> Please put your club number in your forum profile. CLICK here to edit your profile.
Attachments:
The following user(s) said Thank You: Jane Atkinson, Pam, user
Last edit: by SteveTheTechie.
The topic has been locked.

FreeToastHost HTTPS Support 7 years 1 day ago #61983

  • user
  • user's Avatar
  • Offline
  • Senior Member
  • Senior Member
  • Posts: 54
  • Thank you received: 12
Good job. Thank you. There were a few things broken over HTTPS. One of them is the "List All Agendas" function. There were a few other things, but I forgot what they were. I will post here once I run into the issues again.
Club #3590041
The topic has been locked.

FreeToastHost HTTPS Support 7 years 1 day ago #61997

  • SteveTheTechie
  • SteveTheTechie's Avatar Topic Author
  • Offline
  • FreeToastHost Developer
  • FreeToastHost Developer
  • Posts: 13529
  • Thank you received: 3831
I am not seeing a problem at this point.

If you find a problem, I need to know the exact circumstances (e.g. what logins, browser, etc.) and the steps you used so that I can reproduce it. Just saying that there is a problem is not sufficient to me being able to resolve it.
Regards,

Steve James, DTM
FreeToastHost System Developer
Officer Emeritus, Mindful Communicators (Club 1966, District 52) A President's Distinguished Club for each of the last 10 years.

>>> Please put your club number in your forum profile. CLICK here to edit your profile.
The topic has been locked.

FreeToastHost HTTPS Support 7 years 1 day ago #62004

  • Jane Atkinson
  • Jane Atkinson's Avatar
  • Offline
  • Administrator
  • Administrator
  • Posts: 4007
  • Thank you received: 878
I'm also having issues with list all agendas.

I go to the agenda page (using 5316066.toastmastersclubs.org). I click on the List All Agendas box. The page reloads. But I can still only see agendas going back to the middle of last month (14 Feb).

I've tried it several times with the same results. It's not breaking https but it's not displaying all the agendas for some reason.
VPE Ernst&Young Achieving Potential, club 1137486 (Auckland, NZ)
FreeToastHost Field Officer, District 112 (Northern New Zealand)

Spare yourself anxiety and Backup your site regularly.

The following user(s) said Thank You: SteveTheTechie
The topic has been locked.

FreeToastHost HTTPS Support 7 years 1 day ago #62011

  • SteveTheTechie
  • SteveTheTechie's Avatar Topic Author
  • Offline
  • FreeToastHost Developer
  • FreeToastHost Developer
  • Posts: 13529
  • Thank you received: 3831
Ok, I killed the forced redirect to https for the moment... If you are having issues w/ https then go back to the http for a bit.

Sorry, I knew this was going to be harder than everyone was presuming it would be...
Regards,

Steve James, DTM
FreeToastHost System Developer
Officer Emeritus, Mindful Communicators (Club 1966, District 52) A President's Distinguished Club for each of the last 10 years.

>>> Please put your club number in your forum profile. CLICK here to edit your profile.
The topic has been locked.

FreeToastHost HTTPS Support 7 years 13 hours ago #62025

  • slmtoast
  • slmtoast's Avatar
  • Offline
  • New Member
  • New Member
  • Posts: 4
  • Thank you received: 1
Hi Steve,

Our club is registered as www.durhamtoastmasters.org. We used to access the site via non-ssl connection www.durhamtoastmasters.org which still works fine. Our issue is if our club is searched via Google and someone clicks the results link it now redirects to ssl www.durhamtoastmasters.org and we get certificate errors. What can we do to fix?

Maury Smith (VP Public Relations)
The topic has been locked.

FreeToastHost HTTPS Support 7 years 1 hour ago #62046

  • Brian
  • Brian's Avatar
  • Offline
  • Administrator
  • Administrator
  • Posts: 11613
  • Thank you received: 3873
You cannot use https on your site as www.durhamtoastmasters.org does not have a secure certificate.

If you want to use a secure certificate you will have to use 1203.toastmastersclubs.org

Thank you,

Brian McDonald DTM, PDD D61
FTH Lead Technical Support
member Cataraqui Valley Toastmaster 9560
The topic has been locked.

FreeToastHost HTTPS Support 7 years 5 minutes ago #62048

  • tund3r
  • tund3r's Avatar
  • Offline
  • Senior Member
  • Senior Member
  • Posts: 49
  • Thank you received: 11
Hi Steve,

A free way to get a certificate is "Let's Encrypt"

it checks that you own the domain and it generates a perfectly valid certificate for the domain. If I remember correctly you can verify uploading a page on the server where the domain is pointed so you don't need anything from the owner of the domain. (I guess to work correctly you already made them point to your server)

You should be also able to generate one unique certificate for all the domains, and it has a script that renew them etc ... so the hassle in just in the installation the first time.

I hope this helps
Andrea Dalle Molle
VPE Miami Beach Toastmasters
Club: 1293723
Last edit: by tund3r.
The topic has been locked.

FreeToastHost HTTPS Support 6 years 11 months ago #62051

  • SteveTheTechie
  • SteveTheTechie's Avatar Topic Author
  • Offline
  • FreeToastHost Developer
  • FreeToastHost Developer
  • Posts: 13529
  • Thank you received: 3831

Hi Steve,

A free way to get a certificate is "Let's Encrypt"

it checks that you own the domain and it generates a perfectly valid certificate for the domain. If I remember correctly you can verify uploading a page on the server where the domain is pointed so you don't need anything from the owner of the domain. (I guess to work correctly you already made them point to your server)

You should be also able to generate one unique certificate for all the domains, and it has a script that renew them etc ... so the hassle in just in the installation the first time.

I hope this helps


Incorrect. We can only get certificates for domains that we control. We do not control custom domains.
Regards,

Steve James, DTM
FreeToastHost System Developer
Officer Emeritus, Mindful Communicators (Club 1966, District 52) A President's Distinguished Club for each of the last 10 years.

>>> Please put your club number in your forum profile. CLICK here to edit your profile.
The topic has been locked.

FreeToastHost HTTPS Support 6 years 11 months ago #62053

  • tund3r
  • tund3r's Avatar
  • Offline
  • Senior Member
  • Senior Member
  • Posts: 49
  • Thank you received: 11
the domains are not pointed to freetoast apache server?
Andrea Dalle Molle
VPE Miami Beach Toastmasters
Club: 1293723
The topic has been locked.

FreeToastHost HTTPS Support 6 years 11 months ago #62055

  • SteveTheTechie
  • SteveTheTechie's Avatar Topic Author
  • Offline
  • FreeToastHost Developer
  • FreeToastHost Developer
  • Posts: 13529
  • Thank you received: 3831

the domains are not pointed to freetoast apache server?


Yes, but each club w/ a custom domain registers and pays for their own custom domain. My understanding from Brian is that security certificates have to be put in the DNS records for those domains at their registrar... we do not have access to those DNS records... the clubs do.

We have a wild card certificate that covers all subdomains of toastmastersclubs.org... but this would not cover custom domains... each is different.

Lastly, this is something that Brian and I have working on... Brian installed our cert... he is really our networking and server guru. If you have ideas in this area, make sure you include him.
Regards,

Steve James, DTM
FreeToastHost System Developer
Officer Emeritus, Mindful Communicators (Club 1966, District 52) A President's Distinguished Club for each of the last 10 years.

>>> Please put your club number in your forum profile. CLICK here to edit your profile.
The following user(s) said Thank You: silverdalex
Last edit: by SteveTheTechie.
The topic has been locked.

FreeToastHost HTTPS Support 6 years 11 months ago #62063

  • tund3r
  • tund3r's Avatar
  • Offline
  • Senior Member
  • Senior Member
  • Posts: 49
  • Thank you received: 11
The certifying organization needs be sure you are legit and it checks you have access to the root directory of where the domain is pointed, the same thing analytics does or any other service that asks you to proof you have access to the domain. (different certifying organizations use different methodologies, some might even require personal documents etc ... but it's their way to operate, some like let's encrypt, which is a free open project, it's much easier, equally recognized and equally reliable)

There is nothing of the certificate that goes in the dns (except some certifying organizations require the TXT record as a proof of ownership), the actual certificate needs to be installed on the server and the certifying organization has the other part that is necessary when it get an inquiry to verify the certificate.

With let's encrypt there is a script that does everything automatically if you have access to the root directory pointed by the A record of the domain you are trying to certify (wich by my understanding of the freetoast architecture should be freetoast server)

I hope this helps, if you need anything just let me know
Andrea Dalle Molle
VPE Miami Beach Toastmasters
Club: 1293723
The following user(s) said Thank You: SteveTheTechie, silverdalex
The topic has been locked.

FreeToastHost HTTPS Support 6 years 11 months ago #62068

  • SteveTheTechie
  • SteveTheTechie's Avatar Topic Author
  • Offline
  • FreeToastHost Developer
  • FreeToastHost Developer
  • Posts: 13529
  • Thank you received: 3831
I would like to get Brian's view point on this.
Regards,

Steve James, DTM
FreeToastHost System Developer
Officer Emeritus, Mindful Communicators (Club 1966, District 52) A President's Distinguished Club for each of the last 10 years.

>>> Please put your club number in your forum profile. CLICK here to edit your profile.
The topic has been locked.

FreeToastHost HTTPS Support 6 years 11 months ago #62075

  • slmtoast
  • slmtoast's Avatar
  • Offline
  • New Member
  • New Member
  • Posts: 4
  • Thank you received: 1
Hi Brian,

Yes that is what I thought based on the post from Steve about custom domains. He also posted something about turning off the auto redirect to https but it still appears to be in place for our website.

Maury
The topic has been locked.

FreeToastHost HTTPS Support 6 years 11 months ago #62076

  • slmtoast
  • slmtoast's Avatar
  • Offline
  • New Member
  • New Member
  • Posts: 4
  • Thank you received: 1
Brian,

You can disregard my last post. My issue with redirect was due to local browser cache. I'll keep following the thread for opinions on acquiring a custom domain SSL certificate.

Maury
The topic has been locked.

FreeToastHost HTTPS Support 6 years 11 months ago #62078

  • SteveTheTechie
  • SteveTheTechie's Avatar Topic Author
  • Offline
  • FreeToastHost Developer
  • FreeToastHost Developer
  • Posts: 13529
  • Thank you received: 3831
You can blame the following header that it seems a lot of browsers are sending to the server:
Upgrade-Insecure Requests

stackoverflow.com/questions/31950470/wha...requests-http-header

I have not found a way to disable this... .I am thinking maybe the browser is detecting that there is a security cert available so it is forcing the upgrade.

Only way I have found around it is to load a website w/o http:// or https:// in the URL in the address box.
Regards,

Steve James, DTM
FreeToastHost System Developer
Officer Emeritus, Mindful Communicators (Club 1966, District 52) A President's Distinguished Club for each of the last 10 years.

>>> Please put your club number in your forum profile. CLICK here to edit your profile.
Last edit: by SteveTheTechie.
The topic has been locked.

FreeToastHost HTTPS Support 6 years 11 months ago #62115

  • SteveTheTechie
  • SteveTheTechie's Avatar Topic Author
  • Offline
  • FreeToastHost Developer
  • FreeToastHost Developer
  • Posts: 13529
  • Thank you received: 3831
Update:

We are still seeing an issue w/ 404 (resource not found) errors when running under HTTPS. This is occurring for "virtual resources" that seem like files per the URL but really are not (e.g. generated from content in the db)--"agenda.html" is a good example. I am working around it at the moment w/ a code tweak, but you can observe these if you are technically inclined and open your browser's developer console.

My opinion is that an additional server configuration tweak is needed, but i have not yet had a chance to discuss that w/ Brian.

Please bear w/ us... we will get this worked out. :)
Regards,

Steve James, DTM
FreeToastHost System Developer
Officer Emeritus, Mindful Communicators (Club 1966, District 52) A President's Distinguished Club for each of the last 10 years.

>>> Please put your club number in your forum profile. CLICK here to edit your profile.
The topic has been locked.

FreeToastHost HTTPS Support 6 years 11 months ago #62118

  • SteveTheTechie
  • SteveTheTechie's Avatar Topic Author
  • Offline
  • FreeToastHost Developer
  • FreeToastHost Developer
  • Posts: 13529
  • Thank you received: 3831

Update:

We are still seeing an issue w/ 404 (resource not found) errors when running under HTTPS. This is occurring for "virtual resources" that seem like files per the URL but really are not (e.g. generated from content in the db)--"agenda.html" is a good example. I am working around it at the moment w/ a code tweak, but you can observe these if you are technically inclined and open your browser's developer console.

My opinion is that an additional server configuration tweak is needed, but i have not yet had a chance to discuss that w/ Brian.

Please bear w/ us... we will get this worked out. :)


I believe that this 404 issue is resolved now. :)
Regards,

Steve James, DTM
FreeToastHost System Developer
Officer Emeritus, Mindful Communicators (Club 1966, District 52) A President's Distinguished Club for each of the last 10 years.

>>> Please put your club number in your forum profile. CLICK here to edit your profile.
The topic has been locked.

FreeToastHost HTTPS Support 6 years 11 months ago #62206

  • SteveTheTechie
  • SteveTheTechie's Avatar Topic Author
  • Offline
  • FreeToastHost Developer
  • FreeToastHost Developer
  • Posts: 13529
  • Thank you received: 3831

Hi Steve,

A free way to get a certificate is "Let's Encrypt"


Thanks for your post... I am looking into this now. I have a post in their community forum.
Regards,

Steve James, DTM
FreeToastHost System Developer
Officer Emeritus, Mindful Communicators (Club 1966, District 52) A President's Distinguished Club for each of the last 10 years.

>>> Please put your club number in your forum profile. CLICK here to edit your profile.
The topic has been locked.

FreeToastHost HTTPS Support 6 years 11 months ago #62215

  • SteveTheTechie
  • SteveTheTechie's Avatar Topic Author
  • Offline
  • FreeToastHost Developer
  • FreeToastHost Developer
  • Posts: 13529
  • Thank you received: 3831
Some clubs may need to change the URLs for photos and/or iframes from http:// to https:// to get them to show... otherwise you just get a blank spot on the page where they reside.

In particular, this is the case with the Google maps iframe... if you are seeing a situation where you are missing something that should be shown on your page, you should check this.
Regards,

Steve James, DTM
FreeToastHost System Developer
Officer Emeritus, Mindful Communicators (Club 1966, District 52) A President's Distinguished Club for each of the last 10 years.

>>> Please put your club number in your forum profile. CLICK here to edit your profile.
Last edit: by SteveTheTechie.
The topic has been locked.

FreeToastHost HTTPS Support 6 years 11 months ago #62217

  • SteveTheTechie
  • SteveTheTechie's Avatar Topic Author
  • Offline
  • FreeToastHost Developer
  • FreeToastHost Developer
  • Posts: 13529
  • Thank you received: 3831

Ok, I killed the forced redirect to https for the moment... If you are having issues w/ https then go back to the http for a bit.

Sorry, I knew this was going to be harder than everyone was presuming it would be...


This automatic redirect from http:// to https:// has been reimplemented, but as a server configuration RewriteRule. (seamless / less headaches that way)

Again, pay attention for missing content... most of the time it is likely because it needs a https:// in its URL.
Regards,

Steve James, DTM
FreeToastHost System Developer
Officer Emeritus, Mindful Communicators (Club 1966, District 52) A President's Distinguished Club for each of the last 10 years.

>>> Please put your club number in your forum profile. CLICK here to edit your profile.
The following user(s) said Thank You: Jane Atkinson
The topic has been locked.

FreeToastHost HTTPS Support 6 years 11 months ago #62227

  • mamta
  • mamta's Avatar
  • Visitor
  • Visitor
Club: 4260

Hi there,

Note: I created a new thread as I didn't realize there was already one on this topic. Sorry, I don't know how to delete the other thread :(

I created a link to our District's website (iFrame - see link below) which was working fine until a day or so ago. Iframes on Home page are working fine. I read the Admin notes from Steve regarding adding <https> instead of just <http> but that results in an error message. I'm not sure how to fix this. Thank you in advance for your assistance.

humbershorestoastmasters.toastmastersclubs.org/District_60.html

Mamta, VPPR
The topic has been locked.

FreeToastHost HTTPS Support 6 years 11 months ago #62228

  • slmtoast
  • slmtoast's Avatar
  • Offline
  • New Member
  • New Member
  • Posts: 4
  • Thank you received: 1
Interesting article on Let's Encrypt. Its not necessarily a bad thing but it looks like it they are being leveraged by malicious websites due to ease of acquiring the certificate.

www.engadget.com/2017/03/31/when-the-s-i...so-stands-for-shady/

Comodo and GeoTrust are known reliable players offering this service and they offer basic SSL certificate offerings for around $13 per year.

Maury
The following user(s) said Thank You: silverdalex
The topic has been locked.

FreeToastHost HTTPS Support 6 years 11 months ago #62233

  • tund3r
  • tund3r's Avatar
  • Offline
  • Senior Member
  • Senior Member
  • Posts: 49
  • Thank you received: 11
This is an interesting article, anyway having a more trustworthy player doesn't change anything.

The real reason for having https is not to prevent fishing websites but prevent that ISP (AT&T, Verizon, Comcast) or who has access to them (FBI) can read everything you are transmitting to and from the website and eventually use it selling your browsing habits, getting your passwords, monitoring everything you do.

HTTPS creates an encrypted connection between you and the server you are accessing so the information (that to reach the server is passing through a lot of routers/servers/network architecture, and sometimes machine that are designed just to steal data) travels safely to the end point.

You choosing something different from let's encrypt does not prevent anyone from creating a similar domain and getting a certificate with let's encrypt or someone else (there are a lot of players and I can guarantee let's encrypt is not the only one that scammers can use)
Andrea Dalle Molle
VPE Miami Beach Toastmasters
Club: 1293723
The following user(s) said Thank You: silverdalex
The topic has been locked.

FreeToastHost HTTPS Support 6 years 11 months ago #62235

  • SteveTheTechie
  • SteveTheTechie's Avatar Topic Author
  • Offline
  • FreeToastHost Developer
  • FreeToastHost Developer
  • Posts: 13529
  • Thank you received: 3831

Ok, I killed the forced redirect to https for the moment... If you are having issues w/ https then go back to the http for a bit.

Sorry, I knew this was going to be harder than everyone was presuming it would be...


This automatic redirect from http:// to https:// has been reimplemented, but as a server configuration RewriteRule. (seamless / less headaches that way)

Again, pay attention for missing content... most of the time it is likely because it needs a https:// in its URL.


Ok, and I have disabled the redirect again until we can figure out what to do, if anything, about mixed custom content (part http: and part https:). :S Mixed custom content is not really our problem (you all define the custom content), but I am guessing you all would like me to come up with a solution anyway... :whistle:
Regards,

Steve James, DTM
FreeToastHost System Developer
Officer Emeritus, Mindful Communicators (Club 1966, District 52) A President's Distinguished Club for each of the last 10 years.

>>> Please put your club number in your forum profile. CLICK here to edit your profile.
Last edit: by SteveTheTechie.
The topic has been locked.
  • Page:
  • 1
  • 2
Moderators: Pamrhtaylor3jliumarc33NotLiabledeedubbleyooNSBPhyllis Kirouac
Time to create page: 0.135 seconds
Powered by Kunena Forum