Welcome to Our Community
Wanting to join the rest of our members? Feel free to sign up today.Sign Up
Unregistered users can now participate on SneakyDave.com. All posts are moderated, which means they won't show up until they're approved.Dismiss Notice
I recently reconfigured the site to use SSL. At the moment, it is using CloudFlare's "flexible" SSL option, which provides a good layer of encryption, but isn't the best solution for me, personally.
I plan to get a certificate assigned, and get some better tuning performed on the site for SSL the next time a new VPS is provisioned.
Please let me know if you have any questions or issues.
If you recently visited the site, and wondered why you had to sign in again, the reason is because I recently reset all users' sessions due to a bug recently found in CloudFlare's service.
This bug (now fixed) can result in cached pages on one site being presented to users on another site, and this cached data can include personal information, and possibly cookie information.
I don't suspect this problem to be a big issue on a small site such as this, but I took the precaution to remove all sessions from the database, and then renamed the cookie prefix for this site, hopefully averting any problems with session hijacking, or any other nefarious actions.
Again, I don't see this bug being an issue at all for this site, but I wanted to at least give an explanation of why members have to re-sign in. If you are concerned about this bug, CloudBleed, I also suggest that you change your password.
It's been too long for this site to go without SSL, so I'll be installing that soon also.
Page 1 of 4