Help - Search - Members - Calendar
Full Version: Warning! Dangerous site!
HTMLHelp Forums > Programming > Web Server Configuration
Brian Chandler
Here's an entry from my error log:

2021.06.30@1524 JST *** 404
/api.php?key=1 from http://216.92.213.57/api.php?key=1
Googlebot/2.1 (+http://www.google.com/bot.html)

(Meaning: missing file /api.php?key=1; refer®er was 216...)
Fairly obviously this is some kind of hack, but I wondered what the numeric IP address was. So it pasted it in, and Firefox went into a convulsion: cannot verify certificate etc etc, hackers, damage your computer, bank account, spontaneous combustion, the lot. I persisted in taking the RISK, and looked at http://216.92.213.57 - ha! It's my own site, imaginatorium.com.

Since access to the website (imaginatorium.com) works without problem, how could the "certification" be any different using the numeric address?

I admit I do not understand this stuff, but most explanations seem to start with logical confusion, then go downhill. Suppose I click a link to a site whose owners I do not know (most links, of course); what dangers could befall me if the page does not have a valid https certificate, which could not befall me if it did??

Brian Chandler
Here's an entry from my error log:

2021.06.30@1524 JST *** 404
/api.php?key=1 from http://216.92.213.57/api.php?key=1
Googlebot/2.1 (+http://www.google.com/bot.html)

(Meaning: missing file /api.php?key=1; refer(r*)er was 216...)
Fairly obviously this is some kind of hack, but I wondered what the numeric IP address was. So it pasted it in, and Firefox went into a convulsion: cannot verify certificate etc etc, hackers, damage your computer, bank account, spontaneous combustion, the lot. I persisted in taking the RISK, and looked at http://216.92.213.57 - ha! It's my own site, imaginatorium.com.

Since access to the website (imaginatorium.com) works without problem, how could the "certification" be any different using the numeric address?

I admit I do not understand this stuff, but most explanations seem to start with logical confusion, then go downhill. Suppose I click a link to a site whose owners I do not know (most links, of course); what dangers could befall me if the page does not have a valid https certificate, which could not befall me if it did??

* the person who wrote this forum software is a f*cking moron
Christian J
QUOTE(Brian Chandler @ Jun 30 2021, 11:39 AM) *

Since access to the website (imaginatorium.com) works without problem, how could the "certification" be any different using the numeric address?

Seems the certificates only apply to either IP or domain name, if I understood this correct:
https://stackoverflow.com/questions/310003/...ers-domain-name

QUOTE
Suppose I click a link to a site whose owners I do not know (most links, of course); what dangers could befall me if the page does not have a valid https certificate, which could not befall me if it did??

I suppose the traffic may not be encrypted, despite using HTTPS, and the traffic can be actively listened in on or maybe modified.

Brian Chandler
QUOTE(Christian J @ Jul 1 2021, 04:31 AM) *

QUOTE(Brian Chandler @ Jun 30 2021, 11:39 AM) *

Since access to the website (imaginatorium.com) works without problem, how could the "certification" be any different using the numeric address?

Seems the certificates only apply to either IP or domain name, if I understood this correct:
https://stackoverflow.com/questions/310003/...ers-domain-name


Thanks Christian. I got the same answer from my nephew, who is pretty much up on this sort of thing. So that's OK...

QUOTE

QUOTE
Suppose I click a link to a site whose owners I do not know (most links, of course); what dangers could befall me if the page does not have a valid https certificate, which could not befall me if it did??

I suppose the traffic may not be encrypted, despite using HTTPS, and the traffic can be actively listened in on or maybe modified.


So it seems to be ludicrously exaggerated, given that this DANGEROUS! state of affairs is exactly what we were all doing all the time 10 years ago.
Christian J
QUOTE(Brian Chandler @ Jul 1 2021, 06:23 PM) *

So it seems to be ludicrously exaggerated, given that this DANGEROUS! state of affairs is exactly what we were all doing all the time 10 years ago.

If the certificate failure is unintentional, yes (though we usually didn't do credit card payments on those unencrypted pages).

But I suppose it could also be a sign of a man-in-the-middle-attack. unsure.gif
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.
Invision Power Board © 2001-2024 Invision Power Services, Inc.