Yeah, but if it continues for more than 4 hours I need to talk to my doctor.
You should have talked to your doctor first, before ordering from some fly-by-night online pharmacy. Arenât you on medication for high blood pressure?
If you thought this broke stuff, wait until you see what I do next!
(hint: trying to redirect all traffic to HTTPS and enable HSTS - thatâs not actually a hint I guess but more of a full-on spoiler.)
1 Like
âŚaaaaaaand boom. We are now all HTTPS, all the time.
Probably.
Unless I really screwed something up.
The bigdino/cog web stack, for anyone curious, now looks like haproxy -> varnish -> nginx, with haproxy doing the SSL/TLS termination for everything. This lets me use varnish caching for ssl/tls.
To REALLY go down the rabbit hole, Discourse adds like 2 more layers. haproxy -> varnish -> nginx -> discourse nginx -> discourse unicorn. /inception noise
Seems to be working so far⌠
Sometimes I can computer good!
But sometimes I can not.
3 Likes
Iâm just happy itâs fixed. I was going crazy having to manually scroll to the indicated number of new posts in a thread. Oh, the horror! 
If you hit the green button on the side it gave you the option of hitting âbottomâ to go to the bottom.
Yeah, I knew that but I had forgotten about it until a couple of days ago.
I did get an error from my tablet last night, however, saying that a secure connection couldnât be established. I will have to try playing with some other browsers.
The site is working fine using Chrome on my PC and Android phone.
Iâm trying to be a responsible webmaster, so I pulled support for SSLv3 and TLS 1.0 in order to to be POODLE-proof, and that means shutting the door on older browser/OS combos that donât support TLS 1.1 or 1.2. Hereâs the SSL Labs report showing whatâs failing:
In other words, upgrade your android tablet to 4.4 or later if it isnât!
1 Like
Nice to know that before I try to access the site on my phone. (vers. 3.4.5 - no, not kidding)
Interesting that is is failing the operating system and not the browser.
I thought Android 3.x was for tablets only. As I recall, they didnât merge the phone & tablet versions until v4. Maybe CWX is master haxor 
This is what Iâve got.
Kernel version isnât what matters, itâs the Firmware version (in your case; on other phones, itâs Android version and thatâs a more correct way to refer to it).
Okay, thatâs odd. I would expect the opposite.
Oh, yeah, it does look misleading. And, since youâre at 4.2.2, youâre probably still going to get blocked. I do wonder, though, if you use Chrome or Firefox instead of the OS browser, will it still block you? Hmmm My primary phone is running 4.4.2, so I canât test the theory.
Rightâfirmware is what matters, because âfirmwareâ == the actual Android operating system packages. The dependency that matters here is the version of OpenSSL thatâs baked into the firmware, since OpenSSL is the component that the browsers lean on to do SSL/TLS. Typically switching to a different browser doesnât matter because the browsers use the operating systemâs libraries to provide SSL/TLS.
Versions of OpenSSL with support for TLS 1.1 and 1.2 have been around for literally years, but they have dependencies and I suppose until Android 4.4 it wasnât possible (or easy or otherwise practical) to pull a new OpenSSL version into the AOSP core.
Bottom line, if youâre using a version of Android that allows TLS 1.0 ciphers (or, God help you, SSLv3 or lower), youâre vulnerable to being Man-In-The-Middleâd and having your personal information lifted directly off your phone by unskilled skript kiddies literally any time you use wifi. Upgrade now because your house isnât just unlockedâyouâve put your valuables out on your lawn with a âTake what you want!â sign on them.
tl;dr - everything is terrible, throw your electronics away and live in caves.
If my carrier actually allowed upgrades, I would. And I donât know enough to trust myself in ârootingâ my phone.