SSL Issue [UPDATE: Resolved]
No need for alarm.
Some of you are likely seeing something like this as you try to load our site:
You’re not in any danger. Indeed, unless you have top-level posting privileges, you don’t use a password and we don’t collect credit card information.
We made the shift to the more secure HTTPS protocol a couple years back and apparently our free license has expired. I’ll get it updated as soon as possible.
UPDATE: Our IT guy, Jason Lefkowitz, informs me that our certificate auto-renews every three months and is still good through January. He’s restarted the server and the issue seems to be resolved. Let me know if you see the issue re-appear.
PSA: The existence of an SSL cert != a secure or even a legitimate site. Anyone can get a free SSL cert. Hackers can and do get them for phishing and drive-by download sites.
Wasn’t too worried about it. Funny it only kicked off one one post.
Yes but typically those are for fraudulent domain names too, like ‘capita1one.info’ or similar. It is harder to get a free certificate for a domain you do not control DNS and/or hosting for. But the larger point is valid; an SSL certificate in no way confirms a site itself is secure or legitimate, rather it just encrypts traffic between your browser and the site. What happens on the site side of things is completely out of the SSL certificate’s purview.
Also I’m see the new cert, with an expiry of 1/21/2021.
@Jon: 1/23/2021, stupid no edit button.
Thanks for your work keeping this place running, James!
Of course, they might have gotten James’ password and are now creating top level posts trying to reassure us that it’s all fine, before asking us to download NotAVirus.exe and run it.
@Gustopher: You never know.
I was at a middle school when I visited the site earlier today (I normally comment in such a case as “just nutha” because it’s less likely to get mistaked by my tremor), and the screen you show popped up, but then the system passed me through. I was surprised because the district both monitors what everyone does on the system and has blocked the site before.
Funny side story: The district system always blocks LGM because the word “guns” is in the name and the state supports “zero tolerance” gun policies for schools.
Why are you running SSL; because google says to? What sensitive data are you protecting. What NSFW content do you host? I use a filtering proxy that can filter on content, but not with an SSL connection. The rush to SSL to humor Google actually makes me less secure. Just sayin’.
Thanks for this site, SSL or not.
@Just nutha ignint cracker: The weird thing is that my SSL actually auto-renews for three-month increments and the current one doesn’t expire until January. Not sure what the deal was but a reboot seems to have fixed it.
@fredw: Yes, pretty much because Google penalizes sites that don’t run in https mode and flags them as insecure. So far as I understand it, we don’t collect any user data at all.
Maybe that’s the actual problem. How is Google supposed to value you as a client if you don’t have any user data to give them?