Bitcoin Forum
December 07, 2016, 02:37:36 PM *
News: To be able to use the next phase of the beta forum software, please ensure that your email address is correct/functional.
 
   Home   Help Search Donate Login Register  

Warning: Moderators do not remove likely scams. You must use your own brain: caveat emptor. Watch out for Ponzi schemes. Do not invest more than you can afford to lose.

Pages: « 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 [21] 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 ... 118 »
  Print  
Author Topic: [BitcoinMax.com] Closed  (Read 178465 times)
NothinG
Hero Member
*****
Offline Offline

Activity: 560



View Profile
July 05, 2012, 05:36:21 PM
 #401

I would willing to donate a few coins to pay for a cert, anyone else?

the issue is not the cert, it's the extra IP. it'll need to have it's own, rather than sharing with thrucoin, bitcoinclock, etc.
i just need to ask the host about it.

thanks though.

If you're on cPanel, you can setup one domain to use the shared IP as the SSL. It's a little tricky, but it's possible.

Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
Bitsky
Hero Member
*****
Offline Offline

Activity: 542


View Profile
July 05, 2012, 06:01:16 PM
 #402

If you're on cPanel, you can setup one domain to use the shared IP as the SSL. It's a little tricky, but it's possible.
cpanel? I hope you are not serious. It's one of the worst ways to ruin a perfectly fine Linux installation.

If it's the only SSL, you won't need another IP. HTTPS runs on 443, so set up a vhost to listen on that port only. Add another vhost for that domain on port 80 and use mod_rewrite to redirect all requests to https.

Bounty: Earn up to 68.7 BTC
Like my post? Feel free to drop a tip to 1BitskyZbfR4irjyXDaGAM2wYKQknwX36Y
ErebusBat
Hero Member
*****
Offline Offline

Activity: 560

I am the one who knocks


View Profile
July 05, 2012, 06:22:59 PM
 #403

The problem is that, generally, it is very hard hard to do SSL vhosts on a large scale in practice.

This is because the client browser requests the certificate BEFORE it sends the HOST request.  So the server doesn't know which certificate to send.  So you get warnings like:

This is is identifying itself as thrucoin.com but you are connecting to bitcoinmax, OMGZ!!!!!

░▒▓█ Coinroll.it - 1% House Edge Dice Game █▓▒░ • Coinroll Thread • *FREE* 100 BTC Raffle

Signup for CEX.io BitFury exchange and get GHS Instantly!  Don't wait for shipping, mine NOW!
piotr_n
Legendary
*
Offline Offline

Activity: 1498


aka tonikt


View Profile WWW
July 05, 2012, 06:24:28 PM
 #404

just self-sign the cert and post the fingerprint on the forum.
if anyone needs it...

Check out gocoin - my original project of a bitcoin client written in Go, with some unique features.
PGP fingerprint: AB9E A551 E262 A87A 13BB  9059 1BE7 B545 CDF3 FD0E
ErebusBat
Hero Member
*****
Offline Offline

Activity: 560

I am the one who knocks


View Profile
July 05, 2012, 06:25:43 PM
 #405

just self-sign the cert and post the fingerprint on the forum.
if anyone needs it...

The cert isn't the problem:
I would willing to donate a few coins to pay for a cert, anyone else?

the issue is not the cert, it's the extra IP. it'll need to have it's own, rather than sharing with thrucoin, bitcoinclock, etc.
i just need to ask the host about it.

thanks though.

It is the way SSL works, and hard to do on shared hosting.

░▒▓█ Coinroll.it - 1% House Edge Dice Game █▓▒░ • Coinroll Thread • *FREE* 100 BTC Raffle

Signup for CEX.io BitFury exchange and get GHS Instantly!  Don't wait for shipping, mine NOW!
piotr_n
Legendary
*
Offline Offline

Activity: 1498


aka tonikt


View Profile WWW
July 05, 2012, 06:27:01 PM
 #406

just self-sign the cert and post the fingerprint on the forum.
if anyone needs it...

The cert isn't the problem:
I would willing to donate a few coins to pay for a cert, anyone else?

the issue is not the cert, it's the extra IP. it'll need to have it's own, rather than sharing with thrucoin, bitcoinclock, etc.
i just need to ask the host about it.

thanks though.

It is the way SSL works, and hard to do on shared hosting.
then the same self-signed cert will be used for all the domains at that IP.
i dont think it would be a problem.

Check out gocoin - my original project of a bitcoin client written in Go, with some unique features.
PGP fingerprint: AB9E A551 E262 A87A 13BB  9059 1BE7 B545 CDF3 FD0E
rdponticelli
Sr. Member
****
Offline Offline

Activity: 326


Our highest capital is the Confidence we build.


View Profile
July 05, 2012, 06:37:12 PM
 #407

just self-sign the cert and post the fingerprint on the forum.
if anyone needs it...

The cert isn't the problem:
I would willing to donate a few coins to pay for a cert, anyone else?

the issue is not the cert, it's the extra IP. it'll need to have it's own, rather than sharing with thrucoin, bitcoinclock, etc.
i just need to ask the host about it.

thanks though.

It is the way SSL works, and hard to do on shared hosting.
then the same self-signed cert will be used for all the domains at that IP.
i dont think it would be a problem.

Yes, it won't be a problem here. The point is avoiding sending the password and the data in the clear, so a self signed certificate on the same ip would do it just fine. And by just publishing the fingerprint, you'll have more than enough security for this setup.
ErebusBat
Hero Member
*****
Offline Offline

Activity: 560

I am the one who knocks


View Profile
July 05, 2012, 06:39:18 PM
 #408

just self-sign the cert and post the fingerprint on the forum.
if anyone needs it...

The cert isn't the problem:
I would willing to donate a few coins to pay for a cert, anyone else?

the issue is not the cert, it's the extra IP. it'll need to have it's own, rather than sharing with thrucoin, bitcoinclock, etc.
i just need to ask the host about it.

thanks though.

It is the way SSL works, and hard to do on shared hosting.
then the same self-signed cert will be used for all the domains at that IP.
i dont think it would be a problem.

Yes, it won't be a problem here. The point is avoiding sending the password and the data in the clear, so a self signed certificate on the same ip would do it just fine. And by just publishing the fingerprint, you'll have more than enough security for this setup.

Except that you have to check the fingerprint everytime, which nobody will do, which gives false security and is worse than nothing at all.

░▒▓█ Coinroll.it - 1% House Edge Dice Game █▓▒░ • Coinroll Thread • *FREE* 100 BTC Raffle

Signup for CEX.io BitFury exchange and get GHS Instantly!  Don't wait for shipping, mine NOW!
piotr_n
Legendary
*
Offline Offline

Activity: 1498


aka tonikt


View Profile WWW
July 05, 2012, 06:41:10 PM
 #409

Except that you have to check the fingerprint everytime
actually, only once - while adding the exception to your browser.

Check out gocoin - my original project of a bitcoin client written in Go, with some unique features.
PGP fingerprint: AB9E A551 E262 A87A 13BB  9059 1BE7 B545 CDF3 FD0E
ErebusBat
Hero Member
*****
Offline Offline

Activity: 560

I am the one who knocks


View Profile
July 05, 2012, 06:49:13 PM
 #410

Except that you have to check the fingerprint everytime
actually, only once - while adding the exception to your browser.

Don't know about you but I have about 15 different browsers across my devices.

Although with the recent 'incidents' at the major CAs who knows how secure they are  Roll Eyes

░▒▓█ Coinroll.it - 1% House Edge Dice Game █▓▒░ • Coinroll Thread • *FREE* 100 BTC Raffle

Signup for CEX.io BitFury exchange and get GHS Instantly!  Don't wait for shipping, mine NOW!
piotr_n
Legendary
*
Offline Offline

Activity: 1498


aka tonikt


View Profile WWW
July 05, 2012, 06:52:23 PM
 #411

Except that you have to check the fingerprint everytime
actually, only once - while adding the exception to your browser.

Don't know about you but I have about 15 different browsers across my devices.

Although with the recent 'incidents' at the major CAs who knows how secure they are  Roll Eyes
oh.
in such case I can only tell you that the fingerprint is only 20 bytes long, so you should be able to memorize it before reaching the 15th browser Smiley

Check out gocoin - my original project of a bitcoin client written in Go, with some unique features.
PGP fingerprint: AB9E A551 E262 A87A 13BB  9059 1BE7 B545 CDF3 FD0E
payb.tc
Hero Member
*****
Offline Offline

Activity: 812



View Profile
July 07, 2012, 06:10:06 AM
 #412

got a largish withdrawal request today and so to help keep my balance stable, i'm offering an extra 0.1% on any deposits from now until Sunday 03:00 UTC.

offer limited to 1 btc (for the next 1000 btc worth of deposits)

(to the withdrawer: if this little promo goes nowhere, i'll just get the coins from BST)

thanks!
payb.tc
Hero Member
*****
Offline Offline

Activity: 812



View Profile
July 07, 2012, 07:53:07 AM
 #413

^^^ thanks guys, half way there already.

i know it's not much of a bonus, but you're competing with 'free' since i could have just made a withdrawal from BST Cheesy

btcash
Hero Member
*****
Offline Offline

Activity: 567



View Profile
July 07, 2012, 08:15:23 AM
 #414

What is BST?
I coundn't fid any information about this service.

The Americans take our data privacy concerns seriously. - Hans-Peter Friedrich (German Federal Minister of the Interior)
payb.tc
Hero Member
*****
Offline Offline

Activity: 812



View Profile
July 07, 2012, 08:35:42 AM
 #415

What is BST?
I coundn't fid any information about this service.

Bitcoin Savings & Trust

that's where i deposit the coins to earn interest, but you will need much more than 10 BTC to get an account there directly.
zyk
Full Member
***
Offline Offline

Activity: 224


View Profile
July 07, 2012, 12:04:22 PM
 #416

got a largish withdrawal request today and so to help keep my balance stable, i'm offering an extra 0.1% on any deposits from now until Sunday 03:00 UTC.

offer limited to 1 btc (for the next 1000 btc worth of deposits)

(to the withdrawer: if this little promo goes nowhere, i'll just get the coins from BST)

thanks!

promo over or still valid?

did you ever needed to draw on BST before?

Thanks

Zyk
John (John K.)
Global Troll-buster and
Legendary
*
Offline Offline

Activity: 1092


Will read PM's. Have more time lately


View Profile
July 07, 2012, 12:31:15 PM
 #417

By the way, for safety reasons, only process my withdraw application IF I request it using my Bitcoin-OTC GPG key(in my signature) to prevent unauthorised withdrawals.
Somebody please quote my post to preserve my statement.  Wink

My BTC Tip Jar: 1Pgvfy19uwtYe5o9dg3zZsAjgCPt3XZqz9 , GPG ID: B3AAEEB0 ,OTC ID: johnthedong
Escrow service is available on a case by case basis! (PM Me to verify I'm the escrow!)

danieldaniel
Hero Member
*****
Offline Offline

Activity: 854


View Profile
July 07, 2012, 12:40:40 PM
 #418

By the way, for safety reasons, only process my withdraw application IF I request it using my Bitcoin-OTC GPG key(in my signature) to prevent unauthorised withdrawals.
Somebody please quote my post to preserve my statement.  Wink

Quoted.

John (John K.)
Global Troll-buster and
Legendary
*
Offline Offline

Activity: 1092


Will read PM's. Have more time lately


View Profile
July 07, 2012, 12:44:31 PM
 #419

Thanks guys for the quotes.  Grin I was just wondering -if- our forums get compromised again or I somehow leaked my pass for the forums then someone could easily send in a withdrawal request for me.

My BTC Tip Jar: 1Pgvfy19uwtYe5o9dg3zZsAjgCPt3XZqz9 , GPG ID: B3AAEEB0 ,OTC ID: johnthedong
Escrow service is available on a case by case basis! (PM Me to verify I'm the escrow!)

piotr_n
Legendary
*
Offline Offline

Activity: 1498


aka tonikt


View Profile WWW
July 07, 2012, 12:46:57 PM
 #420

Thanks guys for the quotes.  Grin I was just wondering -if- our forums get compromised again then someone could easily send in a withdrawal request for me.
Then he may as well replace the PGP key in your signature.

I think a better protection is to fix your withdrawal address and never allow to use a different one while requesting a withdrawal.
Eventually payb.tc could have also required you to sign the withdrawal request with the withdrawal address - and such level of security would be sufficient for me.

Check out gocoin - my original project of a bitcoin client written in Go, with some unique features.
PGP fingerprint: AB9E A551 E262 A87A 13BB  9059 1BE7 B545 CDF3 FD0E
Pages: « 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 [21] 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 ... 118 »
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!