ADA Depot - A Forum To Support Users of ADA Amplification Gear

Please login or register.

Login with username, password and session length
Advanced search  

News:

Lets get Technical > All Things Tube All about preamp and power amp Tubes.

Pages: 1 [2]   Go Down

Author Topic: Donations  (Read 15044 times)

0 Members and 1 Guest are viewing this topic.

rnolan

  • Administrator
  • Superhero Member
  • ******
  • Offline Offline
  • Posts: 5998
Re: Donations
« Reply #15 on: Time Format »

Well going HTTPS has some up sides, eg when you put in your password it wont be in clear text over the evilnet, but that's about it from our perspective, and I spose no other (nefarious) site can pretend to be us just by spoofing our site. @Dante, if we have to pay for it (and seems that's the direction), can you see/check if the hosting ISP can do Transport Layer Security (TLS) 1.2 or later.  Secure Socket Layer (SSL) 3.0 or earlier is now totally insecure (but still better than nothing IMO), and TLS 1.0 & 1.1 are fast going the same way.  It's actually becoming common for HTTPS sites (and various browsers) to only support/accept TLS 1.2 for HTTPS connections.
Logged
Studio Rig: Stuff; Live Rig: More Stuff; Guitars: A few

Dante

  • Administrator
  • Superhero Member
  • ******
  • Online Online
  • Posts: 2124
  • Nothing more uncommon than common sense
    • The Best Cover Band In Sacramento
Re: Donations
« Reply #16 on: Time Format »

If I understand the email correctly, it only applies when someone searches for ADA Depot via Google. If they know the url, we should be fine.  :dunno:

rnolan

  • Administrator
  • Superhero Member
  • ******
  • Offline Offline
  • Posts: 5998
Re: Donations
« Reply #17 on: Time Format »

It will also affect searches that turn up depot posts (where a post relates to what they were searching for), they'll probably either mark it as an unsafe site or not list it  :dunno: .  Some browsers (and some settings in browsers) will stop it working, and we can expect more of this over time.
Logged
Studio Rig: Stuff; Live Rig: More Stuff; Guitars: A few

Iperfungus

  • Hero Member
  • *****
  • Offline Offline
  • Posts: 851
  • Methodical killers do good jobs!
Re: Donations
« Reply #18 on: Time Format »

How much money is required and how much is missing yet?
Logged
On the run again!

Dante

  • Administrator
  • Superhero Member
  • ******
  • Online Online
  • Posts: 2124
  • Nothing more uncommon than common sense
    • The Best Cover Band In Sacramento
Re: Donations
« Reply #19 on: Time Format »

How much money is required and how much is missing yet?

Our hosting bill is usually $107 per year, just paid it recently. The SSL certificates are $60-$80, depending on the hosting company. It's not a requirement yet, don't worry. As long as donations trickle in sporadically, we'll get there in time. Not a rush

Iperfungus

  • Hero Member
  • *****
  • Offline Offline
  • Posts: 851
  • Methodical killers do good jobs!
Re: Donations
« Reply #20 on: Time Format »

How much money is required and how much is missing yet?

Our hosting bill is usually $107 per year, just paid it recently. The SSL certificates are $60-$80, depending on the hosting company. It's not a requirement yet, don't worry. As long as donations trickle in sporadically, we'll get there in time. Not a rush

Ok, but let us know!  :thumb-up:
The Depot MUST LIVE ON!  :headbanger: :headbanger: :headbanger:
Logged
On the run again!

Dante

  • Administrator
  • Superhero Member
  • ******
  • Online Online
  • Posts: 2124
  • Nothing more uncommon than common sense
    • The Best Cover Band In Sacramento
Re: Donations
« Reply #21 on: Time Format »

Hi Y'all  :waving-banana-smiley-emoticon

This topic of getting an SSL certificate for the site has come up again (to make the little lock icon appear in the browser address bar, showing that we have a secure site). I have no idea what it's gonna cost, but I'm going to look into it. I just paid the annual hosting bill ($107 = ~$9/mo., paid annually).

Donations are welcome and (always) appreciated.

Rock on  :banana-rock:

MarshallJMP

  • Superhero Member
  • ******
  • Offline Offline
  • Posts: 4702
    • marshalljmpmodshop.net
Re: Donations
« Reply #22 on: Time Format »

Done !
Logged

Rusty

  • Guest
Re: Donations
« Reply #23 on: Time Format »

Pay day for me next week,  consider it already in the post OK Dante.   :thumb-up:


SENT today
« Last Edit: Time Format by Rusty »
Logged

Peter H. Boer

  • Hero Member
  • *****
  • Offline Offline
  • Posts: 564
  • 2* MB-1 1*MP-1 + Jur's old Mod4Mk2
    • The Granny Attic
Re: Donations
« Reply #24 on: Time Format »

Pay day somewhere this week.
I'll do yearly donation this weekend.  :headbanger:
Logged
Nothing beats MB-1s and MP-1s with MDRTs

http://www.thegrannyattic.com
http://www.Illumion.net
http://www.sote.nl

rnolan

  • Administrator
  • Superhero Member
  • ******
  • Offline Offline
  • Posts: 5998
Re: Donations
« Reply #25 on: Time Format »

The main thing that TLS (similar to SSL) will provide is to protect log on details.  We'll need a certificate and probably some minor changes in the appache web server.  It needs to be at a minimum TLS v1.2 and better is TLS v1.3.  The last version of SSL (v3.0) is now very insecure and shouldn't be used.  Our server probably uses OpenSSL which is open source code for Linux (Unix) servers.  The latest version(s) of OpenSSL (IIRC 1.1.0) supports TLS v1.3.  This would also be a good time to rebuild the site and hopefully fix some of the bugs.
Logged
Studio Rig: Stuff; Live Rig: More Stuff; Guitars: A few

vansinn

  • Guest
Re: Donations
« Reply #26 on: Time Format »

Yeah, I wrote about the cert things to Dante yesterday; didn't feel like doing it in here..
As I wrote, we don't really need to pay for an approved cert, but could use a self-signed cert; I've made loads of those for private connections to mail- and web servers.
The negative with those is that users will get a warning about the certificate potentially being not trustworthy, which may not be good for us.
If we buy a cert, several places offers them cheaper than, say, Verisign.
The changes to the Apache server is mostly uncommenting the line about HTTPS, and adding a line about the cert.
Implementing this isn't related to rebuilding the site, but can be done with no other hassle.
(not that it may not be a good idea giving the site a preen'n'prune)
Logged

rnolan

  • Administrator
  • Superhero Member
  • ******
  • Offline Offline
  • Posts: 5998
Re: Donations
« Reply #27 on: Time Format »

Implementing this isn't related to rebuilding the site, but can be done with no other hassle.
(not that it may not be a good idea giving the site a preen'n'prune)
As I said it would be a good (opportune) time to rebuild the site, I know we (Dante and his/our ISP) can just implement HTTPS without a rebuild.  Moreover, I was agitating to go HTTPS a couple years ago  :facepalm: .  IIRC Dante said it would cost about $25 back then  :dunno: Mostly I want to get rid of the deprecated function error:8192: Function create_function() is deprecated
We get a couple of million of these errors in the logs per week...
But there are other issues (e.g. time format, intermittent email (for some of us), attachment size limit problem etc), hence time for a rebuild.
A self signed cert will cause issues with some browsers (e.g. chrome).  A cheaper one than verisign is fine as long as it's not from one of the dodgy cert offerings which prop up the hackers/miscreants etc.  Also need to configure apache to not down grade the connection to less than TLS 1.2
Logged
Studio Rig: Stuff; Live Rig: More Stuff; Guitars: A few

vansinn

  • Guest
Re: Donations
« Reply #28 on: Time Format »

^ agreed - some things I didn't think of (still feels weird not being admin anymore..)
Logged
Pages: 1 [2]   Go Up