Why Do Spammers Like This Forum So Much?

[Erin Potter]

@n18 180148 wrote:

Usually for new comers the first thing I look at is “Location” before I respond. But there is one that says “Arlington”, but I think is a spammer. Here is post 1 with a link to a generic site. Another post promoting a company in China.

We’ve seen that one. Seems mostly harmless? If the user is SPAM, they’re getting points for being on topic and over the top friendly. “GREETINGS, DEAR READERS,” makes me feel like someone is reading me a letter from another century.

[consularrider]

@Erin Potter 180190 wrote:

We’ve seen that one. Seems mostly harmless? If the user is SPAM, they’re getting points for being on topic and over the top friendly. “GREETINGS, DEAR READERS,” makes me feel like someone is reading me a letter from another century.

Or is channeling Miss manners.

[secstate]

Is this the thread in which we might respectfully request the forum move to https? The Let’s Encrypt project makes it very easy.

[n18]

@secstate 180260 wrote:

Is this the thread in which we might respectfully request the forum move to https? The Let’s Encrypt project makes it very easy.

That might stop some older phones from working because there were recent changes to how https works. Not all sites were affected. It depends on who upgrade their server to the latest protocols. Some sites stopped working for me, such as REI. I had to download Firefox mobile to access some sites, but it uses more data and therefore more battery life. It’s possible to support both https and older phone by enabling older “unsecure“ protocols.

[hozn]

This site should be using https, yes. Every site should be using it, but especially something that requests credentials.

@n18, I’m not sure what change you’re describing, but my suspicion is just that REI put some sane minimum (secure) cipher requirements in place. That wouldn’t be required when implementing SSL; however, at this point if a device’s default browser only supports insecure ciphers it’s probably time to download Chrome (or Firefox) anyway.

Edit: I don’t, though, see how switching to https would have any affect on the spam.

[secstate]

@hozn 180262 wrote:

Edit: I don’t, though, see how switching to https would have any affect on the spam.

It wouldn’t, but this thread seems to have the attention of folks who administer the board so I thought to mention it.

[hozn]

@secstate 180264 wrote:

It wouldn’t, but this thread seems to have the attention of folks who administer the board so I thought to mention it.

Yeah, I think that request has been heard, but I suspect there’s no just no technical folks to implement it (?) But, I wholeheartedly agree. Heck, we use https for the freezing saddles scoreboard.

[secstate]

Ok, I hereby volunteer to help!

[Erin Potter]

@hozn 180265 wrote:

Yeah, I think that request has been heard, but I suspect there’s no just no technical folks to implement it (?) But, I wholeheartedly agree. Heck, we use https for the freezing saddles scoreboard.

It’s definitely on our radar and wish list of requests.

[hozn]

@Erin Potter 180267 wrote:

It’s definitely on our radar and wish list of requests.

Thanks, Erin!

[peterw_diy]

@Erin Potter 180267 wrote:

It’s definitely on our radar and wish list of requests.

Any update on https? It looks like this forum may have moved from a hosting company that focused on cheap forums using this vBulletin software and didn’t offer https at all its service tiers to a more traditional Virtual Private Server company (cPanel). This might mean that adding https would be even easier, and now free (except for the config work required). Here’s a blog post from this forum’s current hosting company that makes it sound like securing this site with free LetsEncrypt https certificates might be really easy: https://blog.cpanel.com/announcing-cpanel-whms-official-lets-encrypt-with-autossl-plugin/

[Author]

Posts