Tagged With "SSL"

Reply

Re: Heartbleed SSL Vulnerability

Melanie ·
Hi Brian, Thanks for this update. I have a question related to Facebook, GMail and Yahoo - for folks who used those services to login to our Hoopla community, are they in any way endangering our community if they have not changed their passwords on those platforms? (For example, on FB, you can choose to always use https for your account; and you can also integrate your account with Hoopla; and FB was at risk due to Heartbleed.) I would like to post a reminder to our members to change those...
Reply

Re: Heartbleed SSL Vulnerability

Brian Lenz ·
Hi Melanie, I don't think they could be "endangering" your community unless they are admins on your site and those sites were exposed to the heartbleed vulnerability. Of course, if their Facebook/Google/Yahoo accounts were compromised, then they would be vulnerable on any third party system that they have linked to their social account (such as Hoop.la). Hoop.la has no inherent vulnerability by using those third party social login platforms, so it really comes down to whether or not a user's...
Comment

Re: Free "Let's Encrypt" Security For Your Community

neil ·
How will the change to https affect existing links to our site (from other sites and search engines), and within our site?
Comment

Re: Free "Let's Encrypt" Security For Your Community

Rosemary O'Neill ·
Hi @neil , all of the links within Hoop.la, and external links TO your Hoop.la site, will just work magically. However, you would want to check your header, footer, any custom CSS, ad slots, images or videos from an external source, etc., for anything loading http:// and change it to https://.
Comment

Re: Free "Let's Encrypt" Security For Your Community

Rich Melvin ·
Neil, we run banner ads in our Hoopla forum served from an outfit called "Adpeeps.com." When we first made the Hoopla change to https, the banners did not appear. The browser would not display a mix of "secure" and "non-secure" content. All I had to do was go into the Adpeeps code and add the "s" where appropriate and all was OK. Adpeeps now generates code that contains "https" so the problem has solved itself on both ends. External LINKS appeared just fine, even though the link was going to...
Comment

Re: Free "Let's Encrypt" Security For Your Community

neil ·
Thanks Rich and Rosemary. We have a ton of links embedded by users in their posts. Are you saying all those would need to be changed ? <- 1st time ever using the exploding sausage/balloon
Comment

Re: Free "Let's Encrypt" Security For Your Community

Brian Lenz ·
@neil , the process to enable TLS/SSL will automatically update your community URLs (including embedded image attachments, etc.) to use SSL. Any external URLs will not be updated, however, as Hoop.la can't make any guarantees about whether those external data sources support HTTPS or not. Note that this would only be an issue for embedded content; any external URL links wouldn't be an issue. Does that help?
Comment

Re: Free "Let's Encrypt" Security For Your Community

neil ·
Thanks for clarifying, Brian. Our "embedded" content consists almost entirely of https youtube (iframe) so we should be okay. What's the next step for authorizing and getting this done?
Comment

Re: Free "Let's Encrypt" Security For Your Community

Brian Lenz ·
@neil , just open a private support topic requesting the change!
Comment

Re: The IP Address Geolocation Release

neil ·
Thanks for the updates Ted and crew. Regarding: "Extract Improvement: we now filter out quoted text from content extracts to make the extracts more readable." Can you explain this one a little more?
Comment

Re: The IP Address Geolocation Release

Brian Lenz ·
Hi @neil ! That just means that when Hoop.la generates automated extracts of posts (e.g. for showing recent replies in the topic list), Hoop.la will now strip out any quoted text (i.e. text in a blockquote ). This will give more focus to the actual post/reply/comment that was made.
Reply

Re: expiring SSL Certificate

Brian Lenz ·
Hi Gary, Your Hoop.la site doesn't have SSL, so there is no SSL certificate to be worried about (and if there was, we would have notified you about it). Do you have any other websites that have SSL enabled that the call could have been about? If not, it may have been a spam phone call. Hope that helps! Brian
Reply

Re: expiring SSL Certificate

glhglh ·
Great. They specifically mentioned the Hoop.La site. Please mark this answered. Thanks.
Reply

Re: expiring SSL Certificate

Brian Lenz ·
Interesting. It was probably just a sales pitch trying to get you to buy a cert (whether you need it or not). Have a great day!
Blog Post

Free "Let's Encrypt" Security For Your Community

Paulo Jacob ·
Here at Social Strata, we are always looking for ways to increase security for our customer communities, and today we are announcing a new offering to allow our customers to use HTTPS (i.e. "SSL") at no conet
Blog Post

The IP Address Geolocation Release

Ted O'Neill ·
Hey, a new Hoop.la update... this one including support for IP Address geolocation information! Get the scoop...
Question

expiring SSL Certificate

glhglh ·
I just got a phone call from someone saying my SSL Certificate for Hoop.La expires soon, and trying to sell me something. Is this something that will happen? What to do?
Announcement

Heartbleed SSL Vulnerability

Brian Lenz ·
We wanted to provide a formal update regarding the recently discovered Heartbleed SSL vulnerability. The issue is a bug in the widely-used OpenSSL library that enables an attacker to gain access to private keys that allow the attacker to steal data...
Blog Post

HTTPS Coming Soon To All Hoop.la Communities

Paulo Jacob ·
Here at Social Strata, the security of our customers and their visitors is paramount. Last October we published a blog post about our offer of free Let's Encrypt certificates so that our customers can add TLS (previously known as SSL) to their Hoop.la communities, as there are several security advantages in doing so. The response was amazing, with a significant amount of customers taking that offer. Now, starting June 5th, we are proactively moving all Hoop.la communities to HTTPS in order...
Reply

Re: Request To Enable SSL

Paulo Jacob ·
Hi Tara, Thank you for your contact! We have now enabled SSL on your site. You will notice that the site will now respond to https://members.thegrantscollective.org . However, to get a padlock, showing that the site is fully secured, all the elements on the page (like images) will have to be using https too. I believe that is not the case with the banner on the top of your site. If you change that, you should be able to get the padlock beside the URL of your site (like you see if you go to...
Reply

Re: Request To Enable SSL

Tara Gohr ·
Hi Paulo, Which banner are you referring to? Thanks! Tara & Erin
Reply

Re: Request To Enable SSL

Paulo Jacob ·
Hi all, This one: The address that the image loads from (not the link it leads to) starts with http://members.thegrantscollec....org/ws/masthead5_.. . and it should be https. The destination link can stay as it is, although if you want you can change that too. Regards, Paulo
Reply

Re: Request To Enable SSL

Tara Gohr ·
Hi Paulo, that file doesn’t appear to be in our Web Space (all of the files in WS are https) — are you able to tell where it’s loading from? Thanks for your help! Tara
Reply

Re: Request To Enable SSL

Tara Gohr ·
Hi Paulo - I figured it out (under Home Page Settings) and corrected it. We now have the padlock. Thanks again for all your help. Tara
Reply

Re: Request To Enable SSL

Paulo Jacob ·
Hi Tara! Thank you for the update! I'm glad all got sorted. I had to step out yesterday, so I could not get back to you sooner. Best regards, Paulo
Question

Request To Enable SSL

Tara Gohr ·
I would like to enable SSL for my site: http://members.thegrantscollective.org
Comment

Re: HTTPS Coming Soon To All Hoop.la Communities

Paulo Jacob ·
Hi Paul, You are correct. All requests will be redirected automatically to a secure connection. If you enter http://www.socialstrata.com on your browser, it will redirect you to a secure connection. Incoming links from other sites work the same way.
Comment

Re: HTTPS Coming Soon To All Hoop.la Communities

Paul Heymont ·
If I understand this correctly, all the items that are presently on our site (TravelGumbo.com) with http:// will automatically convert to https:// but it will not change external links embedded in blogs, etc. If I am correct, what will happen if someone clicks on a Tweet, or a link somewhere else, that contains http://travelgumbo.com/blog/whatever ? Will it automatically route to https://travelgumbo.comc/blog/whatever ? If not, what can we do to make that happen?
Comment

Re: HTTPS Coming Soon To All Hoop.la Communities

Paul Heymont ·
Thanks! 71 Lefferts Avenue Brooklyn NY 11225 Fax: 347-757-3097 Mobile: 917-817-0521
Question

SSL for Site

Huskermat ·
Good afternoon, My site Huskermat.com is hosted through SS and I was wondering what I would need to do to enable an SSL for my site. I understand that at the end of the month Google Chrome will display the message that the site is unsafe if an SSL is not enabled. What would I need to do to resolve this issue? Thanks--Ross
Reply

Re: SSL for Site

Lori ·
Hi, Ross: We can do that for you for free! We use Let's Encrypt, per this article we posted last fall. Before we actually switch it over to SSL, you'll want to update any http resources you have on the site to https. For example, any external JavaScript, CSS, images, etc that are currently loading http:// should be changed to https://. Once you've checked the site and made those changes, let us know, and we'll make the switch. Let me know if you have any questions! Lori
Blog Post

Social Network Integration Changes

Jonmark Weber ·
As many of you know, we recently migrated all Hoop.la sites to SSL . One consequence of switching to SSL is that some Social Network integrations may need to be updated. This is due to OAuth callback URLs which are registered for each Social Network and are used to validate the authenticity of requests made through the various APIs that enable these features. Since each Hoop.la customer controls their own Social Network integrations, you must fix the issue if it applies to your site. If you...
Comment

Re: Social Network Integration Changes

Daniel Dixon ·
Great information and thanks for sharing. it will be informative for me.
Reply

Re: How To Install Let's Encrypt SSL

Lori ·
Hi, there! Can you please tell me the name and URL of your site? Thanks, Lori
Reply

Re: How To Install Let's Encrypt SSL

Mohsin ·
Thanks, Lori for your prompt response. I solved the issue.
Question

How To Install Let's Encrypt SSL

Mohsin ·
Hello, As Google has made SSL necessary, may I know how I can enable SSL on SS hosted website? Also, let me know the procedure to automatically renew the certificate as it gets expired in the period of three months.
Reply

Re: SSL for Site

Huskermat ·
I guess I'd have to ask my site designer if I use that? My site is kind of old but it still works lol
Reply

Re: SSL for Site

Prince Moga ·
I still see .. There is no SSL installed on your site .. As Lori said .. It might be complicated for you .. But if you are using WordPress then I would suggest you go with Really Simple SSL plugin. It's amazing .. You don't need any kind of coding .. Just install the plugin and get it done ..
×
×
×
×