What is hxxps://www.beetleforum.net?
Kind of an odd thing to find here at piriform...
What is hxxps://www.beetleforum.net?
Kind of an odd thing to find here at piriform...
Where did you find in on piriform?
Where did you find in on piriform?
Second SSL certificate (expired) being offered by the website forum.piriform.com (on port 443, standard port). Also it shares the IP address with forum.piriform.com. I figured it was some "owner's secondary interest" kind of thing.
I've pushed this up the ladder hopefully we'll have an answer soon
Juat so you know, moderators are speaking with Admins (Piriform employees) on this topic.
In your browser can you provide us with the exact steps you followed to see each separate certificate? I know that's a weird ask but it's what was asked of us.
Juat so you know, moderators are speaking with Admins (Piriform employees) on this topic.
In your browser can you provide us with the exact steps you followed to see each separate certificate? I know that's a weird ask but it's what was asked of us.
You'd have to use wireshark or a certificate testing site to see irrelevant certificates sent by the server, it's not a feature many (any?) browsers have.
Also note:
www.beetleforum.net = 52.70.228.38
forum.piriform.com = 52.70.228.38
Both sites are hosted on the same IP address.
Oops sorry wrong thread
Oops sorry wrong thread
Which post? The one asking for seemingly very relevant info?
Or do you mean the post I quoted? (who's only content strangely explains that it shouldn't have existed in the first place...)
Nope I meant a post I made here as opposed to the staff thread on the subject.
Oops sorry wrong thread
Which post? The one asking for seemingly very relevant info?
Or do you mean the post I quoted? (who's only content strangely explains that it shouldn't have existed in the first place...)
You'd have to use wireshark or a certificate testing site to see irrelevant certificates sent by the server, it's not a feature many (any?) browsers have.
Also note:
www.beetleforum.net = 52.70.228.38
forum.piriform.com = 52.70.228.38
Both sites are hosted on the same IP address.
Thanks, that's useful info. I'm not directly involved with the website but will pass it on.
So, what is hxxps://www.beetleforum.net and what does it have to do with piriform?
Be careful. When I click on that link in post #11, it pops a warning for insecure connection. Imho it should not be a live link.
EditedBe careful. When I click on that link in post #11, it pops a warning for insecure connection. Imho it should not be a live link.
Be careful. When I click on that link in post #11, it pops a warning for insecure connection. Imho it should not be a live link.
Yea, the SSL cert is expired, not really a shocking concern. Also that website is hosted on the same IP as this forum and this forum website is handing out that cert (which your browser ignores because it also gives a valid cert).
It's hosted (more or less) at piriform, so I wasn't thinking it was unsafe.
Nope it's hosted on Invision the owner of the php that builds the forum. I guess beetle probably was on the ip address before piriform.
Nope it's hosted on Invision the owner of the php that builds the forum. I guess beetle probably was on the ip address before piriform.
It appears to still be active (aside from the SSL cert expiring):
hxxp://beetleforum.net/forums/
Please follow suite and write the url with hxxp, thanks.
Please follow suite and write the url with hxxp, thanks.
I'm not sure why we are afraid of this site more than any other site on the internet. After all it is hosted on the same computer that runs this forum.
Which brings me back to my question, what's with that? I mean it's not like they separate virtual instances, it would seem certain that Apache instance hosting both websites has access to the private keys for both of the SSL certificates. This implies that the owner of one fully trusts the other or that there is only one owner.
Way too technical for me. I just know if a site pops a warning I don't go there.
Way too technical for me. I just know if a site pops a warning I don't go there.
Doesn't pop up a warning if you got to the http (not https) version of the site. Which is what I assume the members of that site are doing since they posted there as recently as yesterday.
It's a normal forum with normal users which formerly had an SSL certificate. The certificate lapsed (I guess they didn't need it / too expensive) and they didn't renew it.