• So I am on Firefox and about every time I try and access the guild wars legacy website I get

    Your connection is not secure

    The owner of http://www.guildwarslegacy.com has configured their website improperly. To protect your information from being stolen, Firefox has not connected to this website.

    Don't know if this is on my end or if other people have ran into this as well. It usually doesn't pop up much so I was curious.

    • Official Post

    The reason for this is because people are using avatars or images that aren't on a secure (https) location. The website itself is secure, but these images aren't.

    Unfortunately, this is no easy fix for me: it would require me to download all the images and host them on this server, or change the links to a https source (if there is one).
    But, don't worry - there is no risk for security. We don't handle sensitive data, and everything is encrypted. Your passwords are hashed, so they are stored secured.

    In my test on Firefox, all I got was a small warning (a warning sign at the lock), because this kind of issue isn't really such a big deal.
    You'll also notice that this doesn't appear on all the pages.

    In general - no need to worry. The reason that Legacy even uses https/SSL (the lock) is to make our site even more secure :)!

    - Kev

    Hi there! I'm the Guild Wars Legacy admin, feel free to contact me if you've got issues.

    :ass: Inquisitor Karinda :der: Sunspear Elke :mes:Librarian Amber

    obey.jpg

  • "This site can’t provide a secure connection

    guildwarslegacy.com uses an unsupported protocol.
    ERR_SSL_VERSION_OR_CIPHER_MISMATCH"

    and yeah, I tried clearing the cache--didnt seem to change anything (and yes its httpS, I tried to do it with out the S but it just redirects to S).
    firefox is working chrome is not (then again I am on an xp computer so chrome no longer updates either---).


  • "This site can’t provide a secure connection

    guildwarslegacy.com uses an unsupported protocol.
    ERR_SSL_VERSION_OR_CIPHER_MISMATCH"

    and yeah, I tried clearing the cache--didnt seem to change anything (and yes its httpS, I tried to do it with out the S but it just redirects to S).
    firefox is working chrome is not (then again I am on an xp computer so chrome no longer updates either---).


    Everything I can find on Google indicates this is an issue entirely on your end; likely due to your outdated operating system. I'm running W10, which would explain why I'm not having issues.


    What this means is that your computer hasn't got support for the security ciphers that we use.
    I'll try to explain it: our website is using encryption in order to be more safe and to provide more privacy (though security is the main reason). In order to do this, we offer several ways in which the encryption can be done: these are the ciphers we support.
    However, with the move to our new server, support for the old and unsafe ciphers got dropped - Windows XP is one of the operating systems that doesn't support the ciphers that we use. It's nothing that I can easily fix while maintaining security (it would mean that I would have to drop SSL encryption).

    Since we're using CloudFlare, which uses SNI with ECDSA, the support is as following:
    Desktop Browsers installed on Windows Vista or OS X 10.6 or later:

    Internet Explorer 7
    Firefox 2
    Opera 8 (with TLS 1.1 enabled)
    Google Chrome v5.0.342.0
    Safari 2.1
    Mobile Browsers

    Mobile Safari for iOS 4.0
    Android 3.0 (Honeycomb) and later
    Windows Phone 7

    This is support from CloudFlare itself (which we both use for DNS hosting, protection against threats as well as analytics and as our CDN), so I fear I can't do anything against this unless I start paying them $20 a month just for Windows XP support... so I'm sorry, the only thing I can suggest here is to either upgrade to another OS or try to find a browser that does support our ciphers...

    Sorry! :(

    - Kev

  • upgrade to a new os just so I can view a website???? seriously?! I do not like any of the newer os that are out there and wont spend a dime on them. XP was the last good os that came out and I find no reason to change from it.

    It works on my firefox 4 so I will just use that instead of chrome...I dont get all the images to load but they never did, so no biggie (and it was working on chrome until about 2 days ago and then it just stopped--unless you just upgraded last week I think there is something else going on and I have the last update they did on chrome before they stopped supporting xp: Version 49.0.2623.112 m ).


  • upgrade to a new os just so I can view a website???? seriously?! I do not like any of the newer os that are out there and wont spend a dime on them. XP was the last good os that came out and I find no reason to change from it.

    It works on my firefox 4 so I will just use that instead of chrome...I dont get all the images to load but they never did, so no biggie (and it was working on chrome until about 2 days ago and then it just stopped--unless you just upgraded last week I think there is something else going on and I have the last update they did on chrome before they stopped supporting xp: Version 49.0.2623.112 m ).


    The way the internet works is that changes aren't always directly effective and it can take a while.
    I'll be looking for a way so you can access the site without encryption, but it might take a few days for me to implement something like this.

    And I would really recommend not using Windows XP (as a system admin/programmer). It's basicly an iron bucket with a few thousand holes in it. While it might work to transport water, it's not really effective anymore and it'll rust easily. If you want to see what I mean... this site will show you how many (unpatched) security issues there are with Windows XP: https://www.cvedetails.com/vulnerability-…Windows-Xp.html - it's super-easy to attack Windows XP as the security issues are easily found online and they aren't being fixed anymore.
    At the least I would suggest that you don't use your PC to do online banking/payments and I would really suggest running antivirus software (though I don't know if there's still support for this). I'll try to implement a non-SSL domain, but I can't say when it'll be ready. You might also need to delete some browser data in your browser because we're using HSTS, which means that your browser will reject visiting our site if it's not over SSL, and we're asking browsers to remember that for 6 months (so you'll need to delete that bit of data - I'll explain you how once I've gotten a solution ready).

    Kev

  • I do not have online banking and never will--its a stupid idea with more holes than xp! (I do my banking the old fashioned way--I visit my bank, my bankers know me and I know most of them). I dont even have a wireless network (dont believe in them either)....(heck, I dont even own a cell phone--so ....)
    as I said, I have no issues with continuing to use my good old firefox (version 5 I believe), so no worries about updating the site (and this is the only site I have issues with chrome on so I have no problems using firefox for a few things).

  • I think there is a minimum number of posts before you can set an avatar, like 5 or maybe 10. A mod probably knows better than me but iirc that's why I had the same question when I joined.

    ꚛꚙꚛ Ouch My Assassin | Raise R Bladez ꚛꚙꚛ

  • yes, Looney is correct we do have a minimum number of posts you need to make before being allowed an avatar.
    Either way---if you want to make some changes visit the user cp (should be up close to the top of the forum page for you) from there you can set your date style, time, etc.

    Hope that helps

  • There is indeed a requirement of having 3 posts before you can change your avatar.
    This is an automated process that triggers three times an hour, so ideally you should be able to set an avatar within 20 minutes of reaching a third post.

    This is a precaution to avoid spam avatars :)