AEVA Non-Secure so Password Issue
AEVA Non-Secure so Password Issue
Hi Admin
Can you PLEASE update the website so it runs a SECURE login page
ie HTTPS
Currently user passwords are sent over the internet in plain text (very poor)
Can you PLEASE update the website so it runs a SECURE login page
ie HTTPS
Currently user passwords are sent over the internet in plain text (very poor)
- jonescg
- Senior Member
- Posts: 4721
- Joined: Thu, 21 Jan 2010, 23:05
- Real Name: Chris Jones
- Location: Perth, WA.
- Contact:
Re: AEVA Non-Secure so Password Issue
@rhills - any idea how to fix this?
@coulomb?
@coulomb?
AEVA National President, WA branch director.
Re: AEVA Non-Secure so Password Issue
Try this, it works for me.
Select the address bar: http://forums.aeva.asn.au
Delete http://, and insert https:// and press Enter.
This works on Chrome and Internet Explorer Browsers.
Log in securely, all the AEVA Forum links remain prefixed with https//
Create a new AEVA Forum bookmark. Logout. Test the new AEVA Forum bookmark.
Edited
Select the address bar: http://forums.aeva.asn.au
Delete http://, and insert https:// and press Enter.
This works on Chrome and Internet Explorer Browsers.
Log in securely, all the AEVA Forum links remain prefixed with https//
Create a new AEVA Forum bookmark. Logout. Test the new AEVA Forum bookmark.
Edited
Last edited by lobster on Tue, 21 May 2019, 21:48, edited 1 time in total.
- coulomb
- Site Admin
- Posts: 6357
- Joined: Thu, 22 Jan 2009, 20:32
- Real Name: Mike Van Emmerik
- Location: Brisbane
- Contact:
Re: AEVA Non-Secure so Password Issue
That requires quite a lot of work behind the scenes to make the actual encryption work. I have no idea how close we are to having support for that, sorry.
Edit: it seems that 99% of the work is already done for us; see the next several messages.
MG ZS EV 2021 April 2021. Nissan Leaf 2012 with new battery May 2019.
5650 W solar, 2xPIP-4048MS inverters, 16 kWh battery.
Patching PIP-4048/5048 inverter-chargers.
If you appreciate my work, you can buy me a coffee.
5650 W solar, 2xPIP-4048MS inverters, 16 kWh battery.
Patching PIP-4048/5048 inverter-chargers.
If you appreciate my work, you can buy me a coffee.
- woody
- Senior Member
- Posts: 1716
- Joined: Sat, 21 Jun 2008, 02:03
- Real Name: Anthony Wood
- Location: Mt Colah
Re: AEVA Non-Secure so Password Issue
It’s not trivial but it’s not heaps of work for someone who’s done it before, certificates are now free thanks to the “Lets Encrypt” initiative, possibly the hosting company offers a one-off cost to set it up and turn it on?
Planned EV: '63 Cortina using AC and LiFePO4 Battery Pack
Re: AEVA Non-Secure so Password Issue
Yes very cheap and not a big task for a web guru. I am guessing many of the AEVA members are on big $s and likely to reuse there web passwords as not all nerds. Highly recommend we do this to protect them and there reused passwords. It should come out of national budget and each state chip in. Thinking price to fix this inc web nerd is $200 max (likely $50 if an admin reaches out to there 15 year old kids to do it).
- jonescg
- Senior Member
- Posts: 4721
- Joined: Thu, 21 Jan 2010, 23:05
- Real Name: Chris Jones
- Location: Perth, WA.
- Contact:
Re: AEVA Non-Secure so Password Issue
We're in the process of sorting out a better website and membership database which comes with substantial costs, so encryption would no doubt be part of that.
Hopefully in time for the next AGM.
Hopefully in time for the next AGM.
AEVA National President, WA branch director.
Re: AEVA Non-Secure so Password Issue
I edited my post above to be more instructive, and have placed a copy here.
Please try following this procedure, this works on Chrome and Internet Explorer Browsers.
Select the address bar: http://forums.aeva.asn.au
Delete http:// and insert https:// and press Enter.
Log in securely, all the AEVA Forum links remain prefixed with https//
Create a new AEVA Forum bookmark. Logout. Test the new AEVA Forum bookmark.
Please try following this procedure, this works on Chrome and Internet Explorer Browsers.
Select the address bar: http://forums.aeva.asn.au
Delete http:// and insert https:// and press Enter.
Log in securely, all the AEVA Forum links remain prefixed with https//
Create a new AEVA Forum bookmark. Logout. Test the new AEVA Forum bookmark.
-
- Senior Member
- Posts: 810
- Joined: Tue, 02 Dec 2008, 00:15
- Real Name: Michael Dufty
- Location: Perth, Western Australia
- Contact:
Re: AEVA Non-Secure so Password Issue
I hear hacked AEVA forum accounts are quite sought after on the dark web.
- Scotty T
- Groupie
- Posts: 102
- Joined: Tue, 10 Mar 2015, 17:57
- Real Name: Scott Taylor
- Location: Canberra
Re: AEVA Non-Secure so Password Issue
Did this recently for a forum I run for a club. It's very simple, whoever has access to your hosting should be able to make it happen.
https://stackoverflow.com/questions/439 ... od-rewrite
https://stackoverflow.com/questions/439 ... od-rewrite
- Richo
- Senior Member
- Posts: 3737
- Joined: Mon, 16 Jun 2008, 00:19
- Real Name: Richard
- Location: Perth, WA
Re: AEVA Non-Secure so Password Issue
That's how I got mine after getting banned
So the short answer is NO but the long answer is YES.
Help prevent road rage - get outta my way!
Help prevent road rage - get outta my way!
- woody
- Senior Member
- Posts: 1716
- Joined: Sat, 21 Jun 2008, 02:03
- Real Name: Anthony Wood
- Location: Mt Colah
Re: AEVA Non-Secure so Password Issue
Yes the hosting includes a certificate which it looks like the hosting is maintaining (valid May 2019-Aug 2019).lobster wrote: ↑Tue, 21 May 2019, 21:57 I edited my post above to be more instructive, and have placed a copy here.
Please try following this procedure, this works on Chrome and Internet Explorer Browsers.
Select the address bar: http://forums.aeva.asn.au
Delete http:// and insert https:// and press Enter.
Log in securely, all the AEVA Forum links remain prefixed with https//
Create a new AEVA Forum bookmark. Logout. Test the new AEVA Forum bookmark.
There are some warnings as the images are not encrypted (no biggie).
So:
Work-around: follow the above instructions
Fix: someone (rhills?) mess with .htaccess file and phpBB so default login and images are all on https://
Planned EV: '63 Cortina using AC and LiFePO4 Battery Pack
- coulomb
- Site Admin
- Posts: 6357
- Joined: Thu, 22 Jan 2009, 20:32
- Real Name: Mike Van Emmerik
- Location: Brisbane
- Contact:
Re: AEVA Non-Secure so Password Issue
Wow! They really are making an effort to make it easier these days. When DIYElectriccar.com converted to https about a year ago, the content was down for weeks, and the entire garage section is still not present, presumed never to be seen again.
Thanks @lobster and @woody for the interim instructions. I can confirm that it works for the Firefox browser as well.
MG ZS EV 2021 April 2021. Nissan Leaf 2012 with new battery May 2019.
5650 W solar, 2xPIP-4048MS inverters, 16 kWh battery.
Patching PIP-4048/5048 inverter-chargers.
If you appreciate my work, you can buy me a coffee.
5650 W solar, 2xPIP-4048MS inverters, 16 kWh battery.
Patching PIP-4048/5048 inverter-chargers.
If you appreciate my work, you can buy me a coffee.
- Richo
- Senior Member
- Posts: 3737
- Joined: Mon, 16 Jun 2008, 00:19
- Real Name: Richard
- Location: Perth, WA
Re: AEVA Non-Secure so Password Issue
AND that's how I got my facebook account
So the short answer is NO but the long answer is YES.
Help prevent road rage - get outta my way!
Help prevent road rage - get outta my way!
-
- Site Admin
- Posts: 689
- Joined: Fri, 25 Jul 2008, 01:57
- Real Name: Rob Hills
- Location: Waikiki, WA
Re: AEVA Non-Secure so Password Issue
Just returned home from my 2 months cruising up to Shark Bay and back .
Thanks for the discussion and links. I've tweaked our .htaccess file IAW the link that @Scotty T posted and it seems to be working.
Any problems with the change, please PM me or post to this thread using the @ ("mention") function and my username (rhills).
Cheers,
Thanks for the discussion and links. I've tweaked our .htaccess file IAW the link that @Scotty T posted and it seems to be working.
Any problems with the change, please PM me or post to this thread using the @ ("mention") function and my username (rhills).
Cheers,
Rob Hills
AEVA Webmaster
AEVA Webmaster
- 2022 Tesla M3 MIC LR
- 2014 Mitsubishi Outlander Aspire PHEV
Petrol Usage to last refill: Jul 2014 - Jul 2022
Total Petrol: 889.8L
ODO: 88417
Av Consumption: 1.01 L/100km
- jonescg
- Senior Member
- Posts: 4721
- Joined: Thu, 21 Jan 2010, 23:05
- Real Name: Chris Jones
- Location: Perth, WA.
- Contact:
Re: AEVA Non-Secure so Password Issue
Thanks Rob. Enjoy your 900 emails to sift through.
Worst part about tuning out for a couple of weeks is coming back to the tsunami of emails.
Worst part about tuning out for a couple of weeks is coming back to the tsunami of emails.
AEVA National President, WA branch director.
- Scotty T
- Groupie
- Posts: 102
- Joined: Tue, 10 Mar 2015, 17:57
- Real Name: Scott Taylor
- Location: Canberra
Re: AEVA Non-Secure so Password Issue
Works a treat