CCbill forcing sites on https

Collapse
X
 
  • Time
  • Show
Clear All
new posts
  • cybermike
    Confirmed User
    • Jan 2002
    • 4121

    #1

    CCbill forcing sites on https

    Surprised its not being talked about much since I see a lot of ccbill sites still not on it.. Been ignoring the flood of emails but sounds like we need to put our ccbill paysites on https or they wont work properly?
    Hey surfers how about some The Best Porn Sites
  • bns666
    Confirmed Fetishist
    • Mar 2005
    • 11554

    #2
    refer.ccbill.com is not on https, why don't they first do it on their own?
    CAM SODASTRIPCHAT
    CHATURBATEX LOVE CAM

    Comment

    • tony286
      lurker
      • Aug 2002
      • 57021

      #3
      Why wouldn't you want to do that?

      Comment

      • cybermike
        Confirmed User
        • Jan 2002
        • 4121

        #4
        Just saying I bet a ton of old ccbill sites not on the same page.. Hope doing this doesn't break my old scripts lol
        Hey surfers how about some The Best Porn Sites

        Comment

        • Klen
          • Aug 2006
          • 32235

          #5
          Any site which have members should have https, end of story.

          Comment

          • RyuLion
            • Mar 2003
            • 32369

            #6
            Originally posted by KlenTelaris
            Any site which have members should have https, end of story.


            There's free SSL out there also guys..

            Adult Biz Consultant A tech head since 1995
            Affiliate Support: Chaturbate | CCBill Live

            Comment

            • blackmonsters
              Making PHP work
              • Nov 2002
              • 20964

              #7
              Originally posted by cybermike
              Surprised its not being talked about much since I see a lot of ccbill sites still not on it.. Been ignoring the flood of emails but sounds like we need to put our ccbill paysites on https or they wont work properly?
              This is the solution :


              https://letsencrypt.org/


              If you have Plesk as your server admin then just login and install for each domain.
              If you have cpanel, I haven't checked that out yet.

              I'm testing my plugin with that now and camsoda has issues.
              The https makes their video not play unless I put in a redirect for regular http.
              Free Open Source Live Aggregated Cams Script (FOSLACS)

              Comment

              • cybermike
                Confirmed User
                • Jan 2002
                • 4121

                #8
                Sure not worried about that part.. was worried about the cms breaking but tested it on one of my tiny ones and seemed to work fine..

                So guess I'm good and will be bugging my host tomorrow to move them over to https

                But see a lot of solo girl sites not on https yet.. even zishy.com
                Hey surfers how about some The Best Porn Sites

                Comment

                • blackmonsters
                  Making PHP work
                  • Nov 2002
                  • 20964

                  #9
                  Originally posted by cybermike
                  Sure not worried about that part.. was worried about the cms breaking but tested it on one of my tiny ones and seemed to work fine..

                  So guess I'm good and will be bugging my host tomorrow to move them over to https

                  But see a lot of solo girl sites not on https yet.. even zishy.com
                  OH yeah! Good point.
                  I forgot about other CMS out there with the http in the DB.
                  But it works fine for Wordpress when used in plesk.
                  Don't even blink if it's a wordpress site.
                  Free Open Source Live Aggregated Cams Script (FOSLACS)

                  Comment

                  • mikeet
                    this & that
                    • May 2005
                    • 5385

                    #10
                    Originally posted by cybermike
                    But see a lot of solo girl sites not on https yet.. even zishy.com
                    Probably because of their loyal following, they may feel its not necessary yet..

                    Comment

                    • His Infernal Majesty
                      Confirmed User
                      • Jul 2004
                      • 469

                      #11
                      From CCBill.

                      I wanted to assure you that this is not the case. We are not requiring that our merchants use SSL, but we do recommend it. The emails we have been sending out are informing merchants who do use SSL that in order to continue to work properly with our system, to receive consumer information after a successful sale, their system has to support TLS 1.2, which basically means they need to use a newer version of SSL.

                      These changes are ONLY for merchants using SSL, and if you do not use SSL, you do not have to worry about these changes.

                      Comment

                      • Look Chang
                        Voyeur
                        • Sep 2010
                        • 18255

                        #12
                        ^^^ Big thanks for this clarification.

                        Comment

                        • cybermike
                          Confirmed User
                          • Jan 2002
                          • 4121

                          #13
                          Hello Mike,

                          Thank you for your email.

                          If your server host do support TLS 1.2, you need to update your servers to TLS 1.2. You need to make sure that any of your sites that use SSL support TLS 1.2.

                          If that is not the case then after the change on 2018-06-11, we will have issues communicating with your server.

                          From what I see you are utilizing a http protocol on these two websites, you should have a https instead of just http. The ā€œsā€ at the end of http indicates that it is a secure encrypted connection of SSL or TLS.

                          With that being said, best way to ensure that there is no interruption of your services with CCBill is that you contact your developer/webhost to inquire your servers/websites are TLS 1.2 enabled.

                          --
                          Regards,

                          Marko M.
                          Hey surfers how about some The Best Porn Sites

                          Comment

                          • cybermike
                            Confirmed User
                            • Jan 2002
                            • 4121

                            #14
                            And asking if can opt out

                            Hello Mike,

                            I'm afraid there is no work around for this. If you don't update, there is a big chance that you will not receive webhooks, postbacks, or any feature you are using in Management system.
                            Hey surfers how about some The Best Porn Sites

                            Comment

                            • His Infernal Majesty
                              Confirmed User
                              • Jul 2004
                              • 469

                              #15
                              Originally posted by cybermike
                              You need to make sure that any of your sites that use SSL support TLS 1.2.
                              They are saying you should use https just because it's more secure in general...but they are also saying above this change will only affect sites using https. These statements are independent of each other. You can't "opt out" if you are using https.

                              Comment

                              • rowan
                                Too lazy to set a custom title
                                • Mar 2002
                                • 17393

                                #16
                                I read it as the ccbill API requires you support TLS 1.2, which is different to ccbill requiring that your "site" moves to HTTPS.

                                In other words, surfer clicks from a HTTP site to a ccbill HTTPS URL will still work just fine. Notwithstanding the browsers nagging about insecure sites, but that's nothing to do with this ccbill change.

                                Comment

                                Working...