Unsafe Website

For information and questions on how to use the discussion board (do not post ostomy related questions in this area!).
Anyone can read. Only registered users can post.
No commercial posting allowed.

Moderators: Bob Webtech, Jimbob

Forum rules
Before posting, please read our Discussion Board Terms and Conditions and our Code of Conduct. This particular area of our board is only for issues on how to use the board, not for ostomy-related questions!
Post Reply
User avatar
Terry G (UK)
Posts: 5864
Joined: 2005-10-01 01:11:56

Unsafe Website

Post by Terry G (UK) »

Can anyone tell me why Norton insists that this is an unsafe website so I have to click on advanced settings and then accept the warning telling me that the site is unsafe?

Terry
Was always willing to offer help - "Expert Patient"!
User avatar
Jimbob
Posts: 3591
Joined: 2007-06-18 17:40:16

Re: Unsafe Website

Post by Jimbob »

This is the first I have heard of this. We will look into it
User avatar
Bob Webtech
Site Admin
Posts: 995
Joined: 2005-09-29 11:17:09

Re: Unsafe Website

Post by Bob Webtech »

Terry,

I think you were away from our board for awhile. In all likelihood, you were trying to access the board using an old link or bookmark created before some changes we made last year. In that case, everything ought to work fine if you just delete your old bookmark, navigate to the board, and make a new bookmark.

(And, by the way, I think the warning messages are only from your web browser, not from Norton.)

UOAA has a number of different domain names, including uoaa.org (our original domain name acquired in 2005) and ostomy.org (acquired in 2010). From 2010 to 2014, we were running both our main website and discussion board with URLs in the ostomy.org domain. Also, since 2011, our discussion board has always used secure URLs (beginning with https prefix). Last year, we did a major redesign of our main website, although not discussion board. As a complication, our main website and discussion board are forced to operate with URLs in different domains now. We've kept our main website at www.ostomy.org but reverted to our older uoaa.org domain for the discussion board.

The correct, current URL for our discussion board is https://www.uoaa.org/forum/ which includes the https prefix and uoaa.org domain name.

Ideally, we'd like to arrange it so accesses to older discussion board URLs redirect to current ones. In fact, accesses to both http://www.uoaa.org/forum/ and http://www.ostomy.org/forum/ (with regular http prefix and either domain name) do redirect transparently to the board's current URL. Unfortunately, URLs that include the https prefix and ostomy.org domain name produce browser warnings now. This is due to a complication involving the hosting server for the new version of our main website. However, the problem affects only old discussion board links and bookmarks (specifically, links and bookmarks created before Feb 27th of 2014). And the solution is simply to create a new bookmark.

Note that I am moving this topic from our General forum to Help Using the Discussion Board forum.
Bob Baumel, UOAA discussion board administrator
User avatar
Mara
Posts: 1336
Joined: 2005-09-30 22:13:16

Re: Unsafe Website

Post by Mara »

I had the same issue as Terry when I recently logged on - although I don't have Norton - my Firefox browser, I think, gave me the message. I am on my laptop and Linux is my OS. I am in Japan now but I recall having the same message when I logged on in Paris a few months back. It seems to happen to me when I am out of the US....

I log on every day or so and am using the correct URL as far as I know....
Ileostomy due to UC - 50 odd years
User avatar
Bob Webtech
Site Admin
Posts: 995
Joined: 2005-09-29 11:17:09

Re: Unsafe Website

Post by Bob Webtech »

Here’s some more information on this topic. There are two distinct reasons why people may have difficulty accessing this discussion board. (And, by the way, I'm very aware that Terry, who started this thread, passed away shortly after posting that message. Still, I thought it would be useful to provide this additional information.)

1) Accessing board with an Outdated Bookmark/Link

This is the problem described in my previous post on March 31. It occurs when following an old bookmark or link whose URL uses the ostomy.org domain name and begins with an https (secure) prefix. Remember that, since Feb 27th of 2014, this board has been operating in the uoaa.org domain, although our main website still uses the ostomy.org domain. Unfortunately, since we launched the new version of our main website in August 2014, URLs in the ostomy.org domain that include an https prefix result in browser warnings. The exact warning depends on which browser you’re using, but here are some samples showing how the initial portion of the warning may appear in several browsers:

In Firefox: This Connection is Untrusted. You have asked Firefox to connect securely to www.ostomy.org, but we can't confirm that your connection is secure...
In Chrome: Your connection is not private. Attackers might be trying to steal your information from www.ostomy.org (for example, passwords, messages, or credit cards)...
In Safari: Safari can’t verify the identity of the website “www.ostomy.org”. The certificate for this website is invalid. You might be connecting to a website that is pretending to be “www.ostomy.org”...

While these messages are scary, nearly all browsers provide an option to connect in spite of the warning. And if you allow the connection to go through, you’ll be redirected to our board where, in the end, you will have a secure connection to our board in the uoaa.org domain.

Recently, I became aware of a reason why some users, especially, international users, might have continued to use an outdated link. The International Ostomy Association (IOA) website includes a link to our board on its page at www.ostomyinternational.org/discussionforum.htm and, until about a month ago, that link still included an outdated URL. That link has been updated now. However, you may still inadvertently find yourself using an outdated bookmark or link that points to the old URL. As a possibility to be aware of, old URLs may be stored in your browser’s history, so may show up when you start typing in the browser’s address bar. (You may need to clear the brower’s history to solve that problem.)

2) Blocking by our Security Software

As one way of protecting our board against hackers and spammers, we’ve installed security software that blocks various kinds of malicious access. This software protects the board against many harmful access attempts. But sometimes it makes a mistake and blocks someone inappropriately.

If you’re being blocked by this security software, it will (at first) show you a "403 Forbidden" error message. This message includes a reason why you’re being blocked, although the reason may be pretty brief and cryptic. The security software shows you a 403 message only three times; then, it switches to a "503 Service Unavailable" message (it does this to conserve computing resources and bandwidth of our server). When you see that 503 message, you might think our site is down but, in fact, you’re getting blocked.

If you think you’re getting blocked inappropriately, please contact me, and I may be able to resolve the problem. As an example, Mara was in France recently and found herself blocked, so she contacted me. I found that our security software made an incorrect determination on the nature of the Internet service Mara was using. I was able to correct that problem, so Mara was able to connect.

There are, however, cases in which I am unable to restore access. If you’re using an Internet provider that’s known to be friendly to hackers and spammers, our security software is going to block you. The only solution in that case is to try connecting through a different Internet provider, perhaps by using a friend’s Internet connection or by going to a library or other facility. It’s true, unfortunately, that many of the Internet providers in some parts of the world are friendly to hackers and spammers. But it also ought to be possible in every country to find Internet providers that aren't friendly to hackers and spammers and will enable you to access our discussion board.
Bob Baumel, UOAA discussion board administrator
Post Reply