GoFuckYourself.com - Adult Webmaster Forum

GoFuckYourself.com - Adult Webmaster Forum (https://gfy.com/index.php)
-   Fucking Around & Business Discussion (https://gfy.com/forumdisplay.php?f=26)
-   -   CCbill forcing sites on https (https://gfy.com/showthread.php?t=1299868)

cybermike 06-09-2018 07:55 AM
CCbill forcing sites on https
 
Surprised its not being talked about much since I see a lot of ccbill sites still not on it.. Been ignoring the flood of emails but sounds like we need to put our ccbill paysites on https or they wont work properly?

bns666 06-09-2018 08:00 AM
refer.ccbill.com is not on https, why don't they first do it on their own?

tony286 06-09-2018 08:35 AM
Why wouldn't you want to do that?

cybermike 06-09-2018 08:40 AM
Just saying I bet a ton of old ccbill sites not on the same page.. Hope doing this doesn't break my old scripts lol

Klen 06-09-2018 09:06 AM
Any site which have members should have https, end of story.

RyuLion 06-09-2018 09:57 AM
Quote:
Originally Posted by KlenTelaris (Post 22284188)
Any site which have members should have https, end of story.
:2 cents::2 cents:

There's free SSL out there also guys..:2 cents:

blackmonsters 06-09-2018 10:21 AM
Quote:
Originally Posted by cybermike (Post 22284160)
Surprised its not being talked about much since I see a lot of ccbill sites still not on it.. Been ignoring the flood of emails but sounds like we need to put our ccbill paysites on https or they wont work properly?
This is the solution :


https://letsencrypt.org/


If you have Plesk as your server admin then just login and install for each domain.
If you have cpanel, I haven't checked that out yet.

I'm testing my plugin with that now and camsoda has issues.
The https makes their video not play unless I put in a redirect for regular http.

cybermike 06-09-2018 10:22 AM
Sure not worried about that part.. was worried about the cms breaking but tested it on one of my tiny ones and seemed to work fine..

So guess I'm good and will be bugging my host tomorrow to move them over to https

But see a lot of solo girl sites not on https yet.. even zishy.com

blackmonsters 06-09-2018 10:34 AM
Quote:
Originally Posted by cybermike (Post 22284214)
Sure not worried about that part.. was worried about the cms breaking but tested it on one of my tiny ones and seemed to work fine..

So guess I'm good and will be bugging my host tomorrow to move them over to https

But see a lot of solo girl sites not on https yet.. even zishy.com
OH yeah! Good point.
I forgot about other CMS out there with the http in the DB.
But it works fine for Wordpress when used in plesk.
Don't even blink if it's a wordpress site.

mikeet 06-09-2018 02:31 PM
Quote:
Originally Posted by cybermike (Post 22284214)
But see a lot of solo girl sites not on https yet.. even zishy.com
Probably because of their loyal following, they may feel its not necessary yet.. :2 cents:

His Infernal Majesty 06-09-2018 08:37 PM
From CCBill.

Quote:
I wanted to assure you that this is not the case. We are not requiring that our merchants use SSL, but we do recommend it. The emails we have been sending out are informing merchants who do use SSL that in order to continue to work properly with our system, to receive consumer information after a successful sale, their system has to support TLS 1.2, which basically means they need to use a newer version of SSL.

These changes are ONLY for merchants using SSL, and if you do not use SSL, you do not have to worry about these changes.

Look Chang 06-09-2018 08:47 PM
^^^ Big thanks for this clarification. :thumbsup

cybermike 06-09-2018 10:38 PM
Hello Mike,

Thank you for your email.

If your server host do support TLS 1.2, you need to update your servers to TLS 1.2. You need to make sure that any of your sites that use SSL support TLS 1.2.

If that is not the case then after the change on 2018-06-11, we will have issues communicating with your server.

From what I see you are utilizing a http protocol on these two websites, you should have a https instead of just http. The “s” at the end of http indicates that it is a secure encrypted connection of SSL or TLS.

With that being said, best way to ensure that there is no interruption of your services with CCBill is that you contact your developer/webhost to inquire your servers/websites are TLS 1.2 enabled.

--
Regards,

Marko M.

cybermike 06-09-2018 10:40 PM
And asking if can opt out

Hello Mike,

I'm afraid there is no work around for this. If you don't update, there is a big chance that you will not receive webhooks, postbacks, or any feature you are using in Management system.

His Infernal Majesty 06-09-2018 10:57 PM
Quote:
Originally Posted by cybermike (Post 22284484)
You need to make sure that any of your sites that use SSL support TLS 1.2.
They are saying you should use https just because it's more secure in general...but they are also saying above this change will only affect sites using https. These statements are independent of each other. You can't "opt out" if you are using https.

rowan 06-09-2018 11:05 PM
I read it as the ccbill API requires you support TLS 1.2, which is different to ccbill requiring that your "site" moves to HTTPS.

In other words, surfer clicks from a HTTP site to a ccbill HTTPS URL will still work just fine. Notwithstanding the browsers nagging about insecure sites, but that's nothing to do with this ccbill change.


All times are GMT -7. The time now is 08:28 AM.

Powered by vBulletin® Version 3.8.8
Copyright ©2000 - 2025, vBulletin Solutions, Inc.
©2000-, AI Media Network Inc123